Skip to main content


Visualizes Heroku teams, users, applications, and services, map Heroku users to employees, and monitors changes through queries and alerts.


To use this integration, JupiterOne requires an API key configured for read access in your Heroku account. The integration currently requires a Heroku Enterprise account and the read OAuth scope. Optionally, you can use the global OAuth scope to be able to fetch members of a Heroku team.

The account used to generate the API key dictates which permissions it has. For full access to all available data, an account with the admin role should be used. Using an account with the member role will be able to pull in most data, but currently application add-on information is only available using the admin role.


For additional information on creating an API key on Heroku, refer to their API documentation.

Configuration in JupiterOne

To install the Heroku integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Heroku. Click New Instance to begin configuring your integration, providing the following:

  • The Account Name used to identify the Addigy account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when the AccountName toggle is enabled.

  • Description to assist in identifying the integration instance, if desired.

  • Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.

  • Lastly, your Heroku API Key.

Click Create Configuration after all values are provided.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.