API Integrations

Updated 8 months ago by admin

The Cloud Application Security product offers both inline and API Mode CASB functionality, and supports the leading file storage cloud services to provide visibility, threat protection and malware scanning. The use of the cloud service API means that all file activity can be logged (and optionally scanned) by the Unified Security Service, irrespective of the device being used or the method by which the user interacts with the app. An API integration establishes a trust between the USS CASB and the third-party application, so that events can be received by the CASB for processing.

API Mode operates out-of-band, which means that events are sent to the CASB for analysis after they have happened. For enforcement, please see the control offered by the App Catalog working in conjunction with Web Security.

Several API integrations are directly supported:

  • Box - an account of at least Business level is required
  • Dropbox - an account of at least Business Advanced level is required
  • Google Drive - an account of at least G Suite Business level is required
  • OneDrive / SharePoint - an account of at least Office 365 Business Essentials is required
You will require the credentials of an administrator user on each third-party application, in order to integrate the application with the CASB product.

Integrating a third-party cloud application

To an an API integration, visit your USS Dashboard and click ProductsCloud Application SecurityAPI Integrations. Click the button to add a new API integration.

Select from the list of supported cloud applications. Selecting an app will begin the process to link the cloud application to the CASB product.

Box

Click the Box icon to start the process. You will be redirected to the Box login screen, where you will be asked to authorise USS CASB to receive events.

The vendor for this integration will be listed as "Censornet".
You must provide credentials for an administrator user on Box.com.

Review the permissions, and then click Grant access to Box.

You will then be redirected back to the API Integrations screen, where the icon for the new Box integration will now be visible.

After a few minutes you should start to see events appear in the Cloud Activity (API) report.

Depending on the third party, you may have to wait as long as 24 hours before processed events appear in reports.

Dropbox

Click the Dropbox icon to start the process. You will be redirected to the Dropbox login screen, where you will be asked to authorise Unified Security Service - CASB to receive events.

You must provide credentials for an administrator user on Dropbox.com.

Review the permissions, and then click Grant access to Box.

You will then be redirected back to the API Integrations screen, where the icon for the new Box integration will now be visible.

After a few minutes you should start to see events appear in the Cloud Activity (API) report.

Depending on the third party, you may have to wait as long as 24 hours before processed events appear in reports.
Confirm Dropbox integration

You can also confirm that the integration is in place from within Dropbox. Sign in to Dropbox.com, then click Admin ConsoleSettingsTeam Apps.

TODO check that this is still where this is accessed on dropbox

The Unified Security Service - CASB app should be listed.

Google Drive

Click the Google Drive icon to start the process.

Carefully read the message that is displayed. Before you can connect Google Drive to the CASB product, you must first authorise the CASB to authenticate. You will be shown the following message, and are required to follow the instructions before continuing.

  1. Visit https://admin.google.com/ and sign in with a valid user.
  2. Click SecuritySettings.
  1. Click API Reference, and ensure that Enable API access is checked.
  1. Scroll down to Advanced Settings and click Manage API client access.
  1. Enter 102132327270584587510 into the Client Name field.
  2. Paste the following comma-separated URLs into the One or More API Scopes field.

https://www.googleapis.com/auth/admin.directory.user, https://www.googleapis.com/auth/admin.directory.group, https://www.googleapis.com/auth/admin.reports.audit.readonly, https://www.googleapis.com/auth/drive, https://www.googleapis.com/auth/activity

  1. Click Authorize.
  2. Return to the API Integration window, scroll down to the bottom, and click Continue.
  1. You will be redirected to the Google login screen, and prompted to authorise CensorNet CASB to receive events. Select the Google account you wish to use to sign in.
  1. Carefully review the permissions, then click Allow.

You will be redirected back to the USS API Integrations screen, where the new Google Drive icon will now be visible.

After a few minutes you should start to see events appear in the Cloud Activity (API) report.

Depending on the third party, you may have to wait as long as 24 hours before processed events appear in reports.
Confirm Google Drive integration

You can also confirm that the integration is in place within Google Drive. Visit admin.google.com and click SecuritySettings. Scroll down to API Permissions.

Under the API access group, click the link reading "1 app", under Drive.

The CensorNet CASB product should be listed.

OneDrive for Business

Click the OneDrive for Business icon to start the process. You will be redirected to the Office 365 login screen, where you will be asked to authorise USS CASB to receive events.

Specify your Office 365 domain, and enter your administrator user credentials.

You must provide credentials for an administrator user on your Office 365 domain.

Optionally, at this point you may be redirected to the Microsoft sign-in page and asked to authenticate again. This is normal.

Review the permissions, and then scroll down and click Accept.

You will then be redirected back to the API Integrations screen, where the icon for the new OneDrive for Business integration will now be visible.

After a few minutes you should start to see events appear in the Cloud Activity (API) report.

Depending on the third party, you may have to wait as long as 24 hours before processed events appear in reports.

SharePoint Online

Click the SharePoint Online icon to start the process. You will be redirected to the Office 365 login screen, where you will be asked to authorise USS CASB to receive events.

Specify your Office 365 domain, and enter your administrator user credentials.

You must provide credentials for an administrator user on your Office 365 domain.

Optionally, at this point you may be redirected to the Microsoft sign-in page and asked to authenticate again. This is normal.

Review the permissions, and then scroll down and click Accept.

You will then be redirected back to the API Integrations screen, where the icon for the new OneDrive for Business integration will now be visible.

After a few minutes you should start to see events appear in the Cloud Activity (API) report.

Depending on the third party, you may have to wait as long as 24 hours before processed events appear in reports.

Confirm that events are being processed

A few minutes after an API integration has been configured, you should see corresponding events in the Cloud Activity (API) report.

Visit your USS Dashboard, and click Analytics. In the Reports & Charts search bar, search for "api".

Click Cloud Activity (API) to see the report tab open .

Click [ICON run report]. After a few moments, the Report will be displayed, containing events based on the API integration(s) that have been configured.

Troubleshooting

If you're not seeing any results:

  • Depending on the third party, you may have to wait as long as 24 hours before processed events appear in reports. This is particularly true if you have only just created the account with the third-party service. Usually you'll start to see events after 10 minutes.
  • Ensure that you've generated some events as a user of the third-party app since configuring the integration. For example, upload a file through the website, sync a client or use a mobile app.
  • Check that you've completed the correct steps in the integration process above for the relevant third-party service.
  • Ensure that the app is not paused in the API Integration screen.
  • Contact your service provider to confirm that events are being received by the CASB system.


How did we do?