Snyk for Government (US)

Snyk for Government (US) enables US federal agencies to develop fast and securely. By integrating with tools and workflows that developers already use, Snyk for Government (US) allows these agencies to shift left in their Software Development Lifecycle, enabling secure development from the start.

Because Snyk for Government (US) adheres to the FedRAMP and NIST security control requirements, federal agencies can be assured that the product complies with the security standards set forth by the US Government.

Snyk for Government (US) differs from standard Snyk products in ways that allow Snyk to be deployed to the US federal government. Adhering to FedRAMP and NIST control requirements means that some aspects of standard Snyk products are not supported in the FedRAMP environment.

This list identifies all the areas with differences in functionality in the Snyk for Government (US) product.

Core products limitations on availability

  • Snyk Code is available except:

    • Does not include Code Search

    • Does not include DeepCode AI Fix

  • Snyk Container is available except for Kubernetes Integration.

  • Snyk Open Source is available except:

    • Does not include Unmanaged C++

    • Does not include the npm packages @snyk/protect and @snyk/fix.

  • Snyk AppRisk is not available.

API keys not available

API keys are not available.

This means that attempts to create Service Accounts either through the UI or using the API with an auth_type of api_key are not accepted. You must ensure that the OAuth protocol is used instead for all scenarios where API keys would typically be used. See Service accounts using OAuth 2.0 for details. If you need help, contact Snyk Support.

In addition, the CLI must be used in OAuth mode, not with token-driven authentication.

Single Sign-On limitations on availability

Single Sign-On (SSO) is available except for Self-Serve Single Sign-On (SSO). All SSO setups are managed by Snyk. Some setup steps for Single Sign-On are slightly different:

  • The service provider is Okta rather than Auth0.

  • The ACS URL, Entity ID, and certificate are different for each connection and thus will not match the Snyk Single Sign-On documentation.

  • To get the ACS URL, Entity ID, and certificate, Snyk will need to partially provision the connection in Okta.

See Single Sign-On (SSO) for authentication to Snyk for details.

Integrations not available

Gatekeeper plugins are not available as they support OAuth authentication.

Reporting and data not available

Platform features not available
