The Scenario
Your SOC 2 Type II audit is three weeks away. The auditor's questionnaire includes a line item requiring a complete list of all third-party OAuth integrations connected to your Prisma workspaces — integration name, OAuth client ID, granted scopes, creator, and creation date. You have three workspaces. The integrations are visible in the Prisma console, one workspace at a time, under the Integrations tab.
Your security engineer is finishing another deliverable. You are handling this one.
The bad version:
- Open workspace one, navigate to Integrations, record each entry manually
- Switch to workspace two, repeat
- Realize the "granted scopes" column in the Prisma console was truncated for two entries — you need to click into each one to see the full list
- Transfer your notes into Excel and spend time reformatting before you can share it with the auditor
The Easy Way: One Prompt in SheetXAI
SheetXAI is an AI agent that lives inside your Excel workbook. It reads the workbook, and through its Prisma integration it can pull all workspace integrations and write the complete access inventory into a table in one step.
Open your SOC 2 audit workbook and try:
List all integrations in my Prisma workspace and write a sheet with columns: integration name, OAuth client ID, granted scopes, creator, creation date
What You Get
- One row per integration across all workspaces
- Granted scopes as a complete comma-separated list per row — no truncation
- Creator identity in its own column for ownership verification
- Creation dates as YYYY-MM-DD for sorting by age
- All integrations in one flat table, no workspace navigation required
What If the Data Is Not Quite Ready
I need integrations from all three workspaces
Pull all workspace integrations across my 3 Prisma workspaces into this Excel sheet so I can flag any OAuth clients that should be revoked — include workspace name, integration name, OAuth client ID, granted scopes, creator, creation date
I want to flag any integration with write or admin scopes
List all Prisma workspace integrations, write the full details to this Excel workbook, and in column F mark "elevated" for any integration with scopes that include write, admin, or delete
I want to flag integrations created by people no longer on the team
List all Prisma workspace integrations, write full details to this workbook, and in column G mark "verify" for any integration where the creator email is not in the list on the Team worksheet
Pull all integrations, flag elevated scopes, flag stale ones, and produce a revocation candidate list in one shot
List all Prisma integrations across all workspaces, write workspace, integration name, client ID, scopes, creator, creation date to columns A–F, mark "elevated" in column G if scopes include write or admin, mark "stale" in column H if created more than 180 days ago, and in column I write "revoke-candidate" if both elevated and stale
The pattern: pull the full access inventory and apply the risk classification logic together so the workbook is ready for the auditor in one pass.
Try It
Get the 7-day free trial of SheetXAI and open your SOC 2 audit workbook, then ask it to pull all OAuth integrations from your Prisma workspaces and surface anything with elevated permissions. See also the spoke on auditing API key connections or the hub overview.