Enabling API scanning in Forcepoint Data Security Cloud | SSE

Steps

  1. Start by navigating to the Microsoft 365 application settings page and then select Setup API.


  2. On the API Setup page, select Enable API Scanning about halfway down the page and click Save in the top right.


    Refer to Azure: Configuring CSPM audit to learn how to setup Azure CSPM scanning.

  3. Once you are done you can then authorize Forcepoint Data Security Cloud | SSE for scanning by clicking the following link. Authorization is performed via an app-only token. Click this link Microsoft365 Authorization and then follow the steps below to grant Forcepoint Data Security Cloud | SSE access to Microsoft 365 via API.
    Note:

    The admin account used to authorize the API must meet the following requirements:

    • Is a Global Admin in Microsoft365
    • Has Microsoft365 Enterprise E1 or higher license (and a valid OneDrive license)
    1. Login to Microsoft office online with admin credentials.
    2. You will now be redirected to the authorization page to explicitly permit Forcepoint Data Security Cloud | SSE to access your account with the mentioned privileges. Login with an Microsoft 365 admin account.






      To learn more about Microsoft 365 API integration requirements and account permissions, see the Forcepoint ONE Microsoft 365 API Integration – Requirements and Account Permissions page.
    3. Clicking Accept will give Forcepoint Data Security Cloud | SSE access to your organization's Microsoft 365 Account via API with the listed privileges. A healthy connection will be denoted by a green check next to the Setup API option on the Microsoft 365 application settings page. A red cross indicates that the setup is not complete or is in error.