Integration Credential Manager

Integration Credential Manager lets you create credentials that can be used for integrating other products with Sophos Central.

You can manage all your credentials in one place and re-use them. This approach reduces the risk of security breaches.

If you set up multiple integrations of the same product, credential management also avoids the need to create a new credential each time.

This page tells you how to do as follows:

• View credentials
• Add credentials
• Edit credentials
• Suspend or unsuspend credentials
• Delete credentials
• View credential details, usage, and logs

View credentials

To open Integration Credential Manager and view credentials, do as follows:

1. In Sophos Central, go to My Products > General Settings.

2. Under Administration, click Integration Credential Manager.

   

3. On the Integration Credential Manager page, you can see and manage credentials you've already created.

   

The list includes any credentials you've created during integration setup as well as credentials you've created in Credential Manager.

The list includes the following information:

• Health status: An icon in the leftmost column shows whether the health status is Green (Healthy), Yellow (Partially healthy), or Red (Unhealthy).
• Used by: The integration features that can use the credential. For example, Data Ingestion or Response Action.
• Credential type: The product integration that the credential is used for.

For full details, click a credential's name. See View credential details, usage, and logs

Add credentials

You can create new credentials in Credential Manager any time and use them later as needed.

This example shows you how to add a credential for an API-type product integration. For detailed setup steps, go to Integrations, click your product name, and read the help on credentials.

1. In Sophos Central, go to My Products > General Settings.
2. Under Administration, click Integration Credential Manager.

3. On the Integration Credential Manager page, click Add.

   

4. On the Type page, enter the Credential Type, in this example Okta API Token. Click Next.

   

5. On the Details page, enter a Name and Description. Then enter the following settings:

   1. Select the Permissions your credential will have. You can select Read or Write.
   2. In Integrations with Access, select the integration features that can use the credential. For example, Response Action.
   3. Optional: Set an Expiration date.

   

6. On the right of the Details page, under the Vendor and Product documentation and disclaimer, select the checkbox to confirm that you understand the security implications of using the new credential.

   If you don't select the checkbox now, you'll have another chance on the next page. Click Next.

7. On the Credential page, enter the required values. In this example, you must enter the following values:

   • The URL
   • The API Token

   You can get these details from your third-party product as explained in the help page for each credential type.

   Click Save.

   

Edit credentials

You can edit credentials as follows:

1. In Sophos Central, go to My Products > General Settings.
2. Under Administration, click Integration Credential Manager.

3. Find the credential and click its name to view details.

   

4. Click the Actions drop-down and select Edit.

   

5. You see the same setup pages used to create the credential, with your settings showing. You can change the settings on the Details and Credential pages.

Suspend credentials

You can suspend credentials. This means that they won't be available for integrations to use them.

You might suspend a credential for the following reasons:

• The credential is compromised. Suspending it prevents unauthorized access.
• The credential isn't working. Suspending it gives you time to debug it.

Remember that when you suspend a credential, the integrations that use it stop sending data to Sophos.

To suspend a credential, do as follows.

1. Go to My Products > General Settings.
2. Under Administration, click Integration Credential Manager.

3. Find the credential in the credentials list and select it.

   

4. Click the Actions drop-down and select Suspend.

   

5. When you see a warning that the credential may be in use, click Suspend.

Unsuspend credentials

You can unsuspend a credential so that integrations can begin using it again.

To unsuspend a credential, do as follows:

1. Go to My Products > General Settings.
2. Under Administration, click Integration Credential Manager.

3. Find the credential in the credentials list and select it.

   

4. Click the Actions drop-down and select Edit.

   

Delete credentials

You can delete credentials if they're no longer needed.

To delete a credential, do as follows:

1. Go to My Products > General Settings.
2. Under Administration, click Integration Credential Manager.

3. Find the credential in the credentials list and select it.

   

4. Click the Actions drop-down and select Edit.

   

5. When you see a warning that the credential may be in use, click Delete.

View credential details, usage, and logs

To view details of the credential settings, usage, and logs, do as follows:

1. Go to My Products > General Settings.
2. Under Administration, click Integration Credential Manager.

3. Find the credential in the credentials list and click its name to see details.

   

The details page shows the following:

• Health status: Green (Healthy), Yellow (Partially healthy, or Red (Unhealthy).
• Vendor and Vendor Identifier.
• Permissions.
• Integration Access: The integration features that use the credential. For example, Data Ingestion or Response Action.

The Usage section shows the number of requests sent to the credential and the last time a request was sent.

The Logs show the 250 most recent log events. You can filter the events by status, the integration type that sent the request, and the time range.