> ## Documentation Index > Fetch the complete documentation index at: https://conductorone-docs-mcp-bridge-private-server.mintlify.site/llms.txt > Use this file to discover all available pages before exploring further. # Set up an Infisical connector > C1 provides identity governance for Infisical. Integrate your Infisical organization with C1 for unified visibility and governance over user access. C1 provides identity governance for Infisical. Integrate your Infisical organization with C1 for unified visibility and governance over user access. ## Capabilities | Resource | Sync | Provision | | ------------- | ------------------------------------------------------------- | --------- | | Users | | | | Organizations | | | | Projects | | | The connector reads one Infisical organization — the organization the Machine Identity belongs to. It syncs the organization's users (including pending invitations, which sync as disabled until accepted), the organization's projects, and the membership grants that connect users to their organization and to each project. The organization ID is discovered automatically from the projects the identity can see, so it never has to be configured. ## Gather Infisical credentials You need administrator access to your Infisical organization to create a Machine Identity and grant it read access. Sign in to Infisical and open **Organization Access Control** > **Identities**. Create a **Machine Identity** and attach the **Universal Auth** authentication method to it. Give the identity organization and project read access (for example the **Member** organization role, plus membership of the projects you want to sync) so it can list members. Copy the Universal Auth **Client ID** and **Client Secret**. The secret is shown only at creation time. ## Configure the Infisical connector Follow these instructions to use a built-in, no-code connector hosted by C1. In C1, navigate to **Integrations** > **Connectors** and click **Add connector**. Search for **Infisical** and click **Add**. Choose how to set up the new Infisical connector. Set the owner for this connector. Click **Next**. Find the **Settings** area of the page and click **Edit**. Enter the Infisical credentials: * **Machine Identity client ID**: the Universal Auth client ID you copied. * **Machine Identity client secret**: the Universal Auth client secret paired with the client ID. * **Infisical base URL**: `https://app.infisical.com` for Infisical Cloud (US region), `https://eu.infisical.com` for the EU region, or your self-hosted instance URL, with no trailing slash. Click **Save**. The connector's label changes to **Syncing**, followed by **Connected**. You can view the logs to ensure that information is syncing. **Done.** Your Infisical connector is now pulling access data into C1. Follow these instructions to run the Infisical connector in your own environment. Create a secret for the Infisical Machine Identity client secret. Configure the connector environment variables: * **BATON\_INFISICAL\_CLIENT\_ID**: the Universal Auth client ID you copied. * **BATON\_INFISICAL\_CLIENT\_SECRET**: the Universal Auth client secret paired with the client ID. * **BATON\_INFISICAL\_BASE\_URL**: `https://app.infisical.com` for Infisical Cloud (US region), `https://eu.infisical.com` for the EU region, or your self-hosted instance URL, with no trailing slash. Deploy the connector using your standard self-hosted connector process. **Done.** Your Infisical connector is now pulling access data into C1.