Configuring API policy actions
For Enterprise Grid/Select accounts you can now configure API policy actions on files, messages, and posts.
Steps
-
Under the API section click the green plus icon to add a new cloud policy line and then select it to open to Cloud Policy dialog to
adjust the policy.
-
Configuring the API policy is similar to all of our other apps, with the Conditions being the same options. Refer to the guide page for more information. Once you have configured
your conditions for the policy you can then select the Action: Allow (for visibility on newly created or modified items), Quarantine
or Create Copy.
Note:- Similar to other applications, you can perform these actions manually on the Cloud Dashboard in addition to allowlisting files if you wish to remediate a prior policy action.
-
Any existing API policies if present will not be enforced if the API setup is later changed to contain only the Forcepoint DLP data pattern. These API policies will become read-only and will display a message saying they are not enforced.
- When selecting Quarantine or Create Copy you will need to specify where the file goes. Since Slack doesn't have an actual file repository you will need to move the file to
another application that you have configured inside of Forcepoint ONE SSE. Select the admin account for that application,
the Directory Path you wish to put the file in and which app you are using.
Note:If you quarantine or create a copy of the file into a directory path that is subject to it's own API policy actions then that file may again be acted upon. Make sure that the location is a quarantine location that you are using for that app itself.
For example, if you are going to quarantine the file into OneDrive, make sure that you are placing it in the same quarantine file location that you are using with the OneDrive API.