> ## Documentation Index
> Fetch the complete documentation index at: https://conductorone-docs-baton-kubernetes.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Set up an Octopus connector

> C1 provides identity governance for Octopus Deploy. Integrate your Octopus instance with C1 for unified visibility and governance over user access.

C1 provides identity governance for Octopus Deploy. Integrate your Octopus
instance with C1 for unified visibility and governance over user access.

## Capabilities

| Resource | Sync                                                          | Provision |
| -------- | ------------------------------------------------------------- | --------- |
| Users    | <Icon icon="square-check" iconType="solid" color="#c937ae" /> |           |
| Teams    | <Icon icon="square-check" iconType="solid" color="#c937ae" /> |           |

The connector reads one Octopus Deploy instance. It syncs that instance's
users and teams — both instance-wide teams and teams scoped to individual
spaces — along with each team's membership. Users sync as enabled or
disabled based on their active state in Octopus, and service accounts are
labeled as such.

The built-in Everyone team includes every user on the instance by
definition, so the connector reports each user as a member of it. Teams
mapped to external directory groups (Active Directory or Microsoft Entra
ID) carry those mappings as team attributes for visibility; membership
conferred through an external directory group resolves inside Octopus at
sign-in and is not expanded into individual memberships.

## Gather Octopus credentials

<Warning>
  The API key's owner needs permission to view users and teams across the
  instance. Membership in the built-in **Octopus Administrators** or
  **Octopus Managers** team covers this. A key created by a user without
  those permissions cannot list other users and does not work with this
  connector.
</Warning>

<Steps>
  <Step>
    Sign in to your Octopus instance as a user with permission to view
    users and teams, or use a service account with those permissions.
  </Step>

  <Step>
    Open your avatar menu and go to **Profile** > **My API Keys** (for a
    service account, open the account under **Configuration** > **Users**
    and find its **API Keys** section). Click **New API Key**, give it a
    purpose, and create it.
  </Step>

  <Step>
    Copy the key when it is shown — Octopus displays it only once — and
    note your instance's base URL. For Octopus Cloud this is
    `https://<instance>.octopus.app`; for self-hosted Octopus Server it is
    your own address, including any virtual directory the server is
    installed under.
  </Step>
</Steps>

## Configure the Octopus connector

<Tabs>
  <Tab title="Cloud-hosted">
    Follow these instructions to use a built-in, no-code connector hosted by C1.

    <Steps>
      <Step>
        In C1, navigate to **Integrations** > **Connectors** and click **Add connector**.
      </Step>

      <Step>
        Search for **Octopus** and click **Add**.
      </Step>

      <Step>
        Choose how to set up the new Octopus connector.
      </Step>

      <Step>
        Set the owner for this connector.
      </Step>

      <Step>
        Click **Next**.
      </Step>

      <Step>
        Find the **Settings** area of the page and click **Edit**.
      </Step>

      <Step>
        Enter the Octopus credentials:

        * **Octopus base URL**: your instance's address, with no trailing
          slash. For example, `https://mycompany.octopus.app`.
        * **API key**: the API key created from your profile or service
          account.
      </Step>

      <Step>
        Click **Save**.
      </Step>

      <Step>
        The connector's label changes to **Syncing**, followed by **Connected**. You can view the logs to ensure that information is syncing.
      </Step>
    </Steps>

    **Done.** Your Octopus connector is now pulling access data into C1.
  </Tab>

  <Tab title="Self-hosted">
    Follow these instructions to run the Octopus connector in your own
    environment.

    <Steps>
      <Step>
        Create secrets for the Octopus credentials.
      </Step>

      <Step>
        Configure the connector environment variables:

        * **BATON\_OCTOPUS\_BASE\_URL**: your instance's address, with no
          trailing slash. For example, `https://mycompany.octopus.app`.
        * **BATON\_OCTOPUS\_API\_KEY**: the API key created from your profile
          or service account.
      </Step>

      <Step>
        Deploy the connector using your standard self-hosted connector process.
      </Step>
    </Steps>

    **Done.** Your Octopus connector is now pulling access data into C1.
  </Tab>
</Tabs>
