About
When you connect Pipedream to DSALTA, the platform records the connected Pipedream account — the username and email of whoever provided the API key — using read-only API access. On every sync DSALTA compares that account against your People page, matched by email within your organization, and activates this check when the account is not an active employee on the People page.Pipedream does not provide a workspace member list, so the Access page shows a single row for the connected account rather than individual people. If the connected account’s email does not match a person in your directory, this check may not resolve automatically — confirm the account is owned by a current, authorized employee.
Why This Matters
Access tends to accumulate over time as roles change, leaving accounts with more reach than they need. A workflow automation platform can connect to and move data between your other systems, so access to it should belong only to current, authorized employees. Regularly validating who holds that access is a core control in SOC 2 and ISO 27001, which require access to critical systems to be restricted to authorized personnel.How to Fix
Before you begin- Ensure the Pipedream integration is connected so DSALTA has the current connected account.
- In Pipedream → Settings, review the connected account and workspace members, and remove access for anyone who is not a current employee.
- In DSALTA, go to People and confirm the Pipedream account exists and is active.
- In Data Library → Access, filter for Pipedream and confirm the connected account maps to an active employee on the People page.
- Mark the reviewed account as In Scope (valid) or Not in Scope (to be revoked), and record the reviewer.
Frequently Asked Questions
How often does this check run?
How often does this check run?
This check runs automatically every 24 hours while the Pipedream integration is connected. You can also trigger a manual sync from Integrations in the sidebar.
Why does the Access list show a single account instead of people?
Why does the Access list show a single account instead of people?
Pipedream’s API does not expose an individual member roster, so DSALTA records the connected Pipedream account (whoever provided the API key). Review that account’s owner manually against your People page.
Can I exclude this check?
Can I exclude this check?
Yes. If it does not apply to your environment, mark it as Not Applicable with a justification. The exclusion is documented for auditors.
Does DSALTA change my Pipedream configuration?
Does DSALTA change my Pipedream configuration?
No. DSALTA uses read-only API access and never modifies, creates, or deletes resources. All remediation is performed by your team directly in Pipedream.
.png?fit=max&auto=format&n=tsMQJyneJ1xquFUo&q=85&s=4d401cc03b547d99b6f75a6bd170c334)