API Integrations

The Cloud Application Security product offers both inline and API Mode CASB functionality to provide visibility into cloud service activity. The use of the cloud service API means that all file activity can be logged by the Unified Security Service, irrespective of the device being used or the method by which the user interacts with the app. An API integration establishes a trust between the USS CASB and the third-party application, so that events can be received by the CASB for processing.

API Mode operates out-of-band, which means that events are sent to the CASB for analysis after they have happened. For enforcement, please see the control offered by the App Catalog working in conjunction with Web Security.

Several API integrations are directly supported:

  • OneDrive / SharePoint - an account of at least Office 365 Business Essentials is required
You will require the credentials of an administrator user on each third-party application, in order to integrate the application with the CASB product.

Integrating a third-party cloud application

To an an API integration, visit your USS Dashboard and click ProductsCloud Application SecurityAPI Integrations. Click the + button to add a new API integration.

Select from the list of supported cloud applications. Selecting an app will begin the process to link the cloud application to the CASB product.

OneDrive for Business

Click the OneDrive for Business icon to start the process. You will be redirected to the Office 365 login screen, where you will be asked to authorise USS CASB to receive events.

Specify your Office 365 domain, and enter your administrator user credentials.

You must provide credentials for an administrator user on your Office 365 domain.

Optionally, at this point you may be redirected to the Microsoft sign-in page and asked to authenticate again. This is normal.

Review the permissions, and then scroll down and click Accept.

You will then be redirected back to the API Integrations screen, where the icon for the new OneDrive for Business integration will now be visible.

After a few minutes you should start to see events appear in the Cloud Activity (API) report.

Depending on the third party, you may have to wait as long as 24 hours before processed events appear in reports.

SharePoint Online

Click the SharePoint Online icon to start the process. You will be redirected to the Office 365 login screen, where you will be asked to authorise USS CASB to receive events.

Specify your Office 365 domain, and enter your administrator user credentials.

You must provide credentials for an administrator user on your Office 365 domain.

Optionally, at this point you may be redirected to the Microsoft sign-in page and asked to authenticate again. This is normal.

Review the permissions, and then scroll down and click Accept.

You will then be redirected back to the API Integrations screen, where the icon for the new OneDrive for Business integration will now be visible.

After a few minutes you should start to see events appear in the Cloud Activity (API) report.

Depending on the third party, you may have to wait as long as 24 hours before processed events appear in reports.

Confirm that events are being processed

A few minutes after an API integration has been configured, you should see corresponding events in the Cloud Activity (API) report.

Visit your USS Dashboard, and click Analytics. In the Reports & Charts search bar, search for "api".

Click Cloud Activity (API) to see the report tab open .

Click Run Report. After a few moments, the Report will be displayed, containing events based on the API integration(s) that have been configured.

Troubleshooting

If you're not seeing any results:

  • Depending on the third party, you may have to wait as long as 24 hours before processed events appear in reports. This is particularly true if you have only just created the account with the third-party service. Usually you'll start to see events after 10 minutes.
  • Ensure that you've generated some events as a user of the third-party app since configuring the integration. For example, upload a file through the website, sync a client or use a mobile app.
  • Check that you've completed the correct steps in the integration process above for the relevant third-party service.
  • Ensure that the app is not paused in the API Integration screen.
  • Contact your service provider to confirm that events are being received by the CASB system.


How did we do?