Blog

Introducing in-browser app banners: Set guardrails for cloud apps | Learn more →

Ready to help

How does Push discover SaaS?

Push uses two methods to provide a full inventory of your cloud identities and apps. To get full visibility, you must set up an API integration with your primary work platform(s) and install the Push browser extension on employee browsers in your environment.

They each play a role in providing full visibility:

The API integration provides visibility into:

  • SaaS applications that your employees access via social login, such as Sign In with Google and Sign In with Microsoft.

  • Third-party OAuth integrations they consent to.

  • Security vulnerabilities associated with these platforms, such as a lack of MFA protection and suspicious mail rules created by employee accounts.

Learn more about setting up an API integration and the required permissions in our documentation.

The Push browser extension provides visibility into:

  • Accounts that your employees create and access with a username and password, including unmanaged and non-SSO accounts, as well as their use of social logins (OIDC) to access cloud apps.

  • Security vulnerabilities associated with these accounts, such as leaked, reused, shared or weak credentials.

Learn more about installing the browser extension and deployment options in our documentation.