Atlassian: Configuring API access

This guide page will walk you through how to create an API token in Atlassian to integrate with Forcepoint ONE SSE for scanning of data within Confluence for visibility. Scan will look at all content uploaded/edited within Pages, Blog Posts, Comments, and Attachments.

For creating the API token and authorizing the integration, Atlassian requires you use an account that is an organizational admin. With that account you can create the API token and then input the configuration information into Forcepoint ONE SSE. You can either use your original administrator account when you setup your organization in Atlassian or create a new account that is an administrator.

Steps

  1. Start by logging into your Atlassian organization as an admin. Navigate to Settings > Administrators in the left column.
  2. On the Administrators page select Add administrators in the top right and then enter the email address of the user in your organization you wish to make an administrator.




  3. Now you can login as that admin account you created and select your user icon in the bottom left of the screen and select your profile. On the Profile page select Security from the left column and at the bottom click Create and manage API token. Conversely you can also just login to https://id.atlassian.com/manage/api-tokens directly as that admin user account to be taken to the API token creation page.




  4. On this new page click Create API Token in the top right and then provide a recognizable name in the new dialog window that pops up and click Create. The dialog window will now show you your API Token (click the eyeball to see it in plain text) and then click Copy at the bottom as we will need to input this token into Forcepoint ONE SSE in step 7 below.






  5. Now you can open a new browser window/tab and navigate to the Forcepoint ONE SSE admin portal and login as a Forcepoint ONE SSE admin account. This account must have access to view/edit the Atlassian application within your tenant. On the Protect > Policies page select the Atlassian application to get to the application's settings page.


    Note: To learn about how to add the Atlassian application to your tenant, refer to the Atlassian: Deploying Forcepoint ONE SSE as a SAML IdP.
  6. In the Atlassian settings page, click Setup APIand then on the next page click the green plus icon to add a new Confluence organization site that you wish to scan with the Forcepoint ONE SSE API. You can add any number of Confluence organization sites.




  7. In the Authorize Confluence dialog window, enter the Atlassian admin account you used to create the API token in the above steps, copy over the token that was generated in step 4 to the User API Key field, and then enter your Confluence organization's site URL. Click verify when you are done.


  8. Once verification is successful you will see a new table in the dialog window for adding the DLP patterns you wish to scan for. You will no longer be able to edit the authorization information (Email, API key, Site URL). Add as many of your DLP patterns from the DLP Objects page that you wish to scan for and then click Ok at the bottom. Now Forcepoint ONE SSE will initiate a scan to identify any sensitive data matching your data patterns and populate the identified data on the API Logs.