Configure a cloud application API connection in Forcepoint CASB

If you prefer to set up the API connection in Forcepoint CASB instead of the Forcepoint Security Manager, follow these steps:

Steps

  1. In Forcepoint CASB, go to Settings > Resources > Assets.
  2. Select the cloud application (asset) from the list.
  3. Expand the Asset Governance section.
  4. Under API connection, click Set connection.
  5. Forcepoint CASB opens the cloud application logon page. Log on to the account using an administrator account. For more information about account requirements, see the Forcepoint CASB Service Provider API Connection Guide.
  6. The cloud application shows a page with the permissions that Forcepoint CASB is requesting. Approve the request to close this page and log on to the account.
  7. In Forcepoint CASB, the API connection section shows Credentials added successfully if the connection succeeded. If the connection failed, re-enter the credentials.
  8. Click Test connection to verify that Forcepoint CASB can successfully connect to the cloud application.
  9. Click the Activity import button to enable or disable the setting.
    • If data at rest scanning is disabled, this setting is shown as Activity import disabled and the off button is highlighted.
    • If data at rest scanning is enabled, this setting is shown as Activity import enabled and the on button is highlighted.
    Forcepoint CASB downloads the activities through the configured API connection. This process might take up to 24 hours.
  10. Expand the Data Classification section.
  11. Enter an Archive folder path. This path is needed for some API mitigation rules, such as Remove sharing permissions, Keep a safe copy, and Quarantine. The archive folder must reside on the scanned asset, so the path needs to match the browser URL.
  12. Click Save archive folder settings.
  13. When you select the Quarantine mitigation in an API policy, you have the option of leaving a note where the sensitive file was located. You can customize the note here.

    To edit the current note:

    1. Click the download icon next to the format icon (docx, xlsx, pptx, pdf, or txt).
    2. Open the downloaded note, edit the text, and save the file
    3. Click the upload icon, browse to the file, then click Open.

    To upload a new note:

    1. Click the upload icon, browse to the file, then click Open.

    To restore the note to the default:

    1. Click the restore icon.
    2. Confirm that you want to restore the default note.
  14. Click Save quarantine note settings.
    After the API connection is set in Forcepoint CASB, the connection is also visible in the Forcepoint Security Manager (DATA > Policy Management > ResourcesCloud Applications) under the Cloud API Status column in the cloud applications table.