Info
Sophos provide various guides to their API that can be found in their API Documentation Portal.
You can use your Sophos account alongside HighGround to retrieve your Endpoint Protection data. This data can then be used to drive your Cyber KPI's. In order to synchronize this data to your HighGround account, you will need to connect to the Sophos API by first generating API credentials, and then integrating the tool to HighGround.
The following process is reasonably technical, so please have a member of your IT personnel complete this if you do not have any prior experience with API's.
Please follow the steps below to generate API credentials for Sophos first, before moving onto our guide on How to Integrate a tool with your HighGround account.
STEP 1: Log in to Sophos
Log in to your Sophos account at the Sophos login page.
STEP 2: Go to Central partner Dashboard
Now you have logged in, you should see a page containing the below:
From the options, click on Central Partner Dashboard.
STEP 3: Generate API Credentials
Within Sophos, you can choose to generate API credentials for your account or individually if you have multiple accounts under your management.
If you are a company with your own Sophos account and want to use the Sophos API for your own organisation - follow the steps under 'Generate API keys for your own organization or all organizations'.
If you are a company with your own Sophos account and manage multiple entities within this account (for example, a holding company with multiple subsidiaries) and wish to integrate a specific one of these only, follow the steps under 'Generate API key for an Individual organization'.
If you are an MSP/IT Management company and you want to connect the Sophos API for a client under your management, follow the steps under 'Generate API key for an Individual organization'.
If you are an MSP/IT Management company and you want to connect the Sophos API for every organization that you manage - see the steps under 'Generate API key for your own organization or all organizations'.
Warning
Managed Service Providers (MSP) and IT Management companies wishing to generate API credentials for ONE of the organisations they manage (versus every organization managed in Sophos) must follow the steps in the tab on the right below. Otherwise, API credentials will be generated for every organisation you manage in Sophos.
Generate API key for your own organization or all organizations
Generate API key for your own organization or all organizations
From the left-hand menu, select Settings & Policies:
Then, select the option for API Credentials Management located under the Partner account settings section.
You can now continue on the current guide.
Generate API key for an individual organization
Generate API key for an individual organization
From the left-hand menu, go to Sophos Central Customers:
You should now see a list of all the organizations or divisions you have connected to the Sophos account. Select the organization that you would like to generate the API credentials for.
With the chosen organisation highlighted, click Launch Sophos Central Admin:
In the Central Admin page, click on Global Settings from the left-hand menu:
You should now see a variety of linked options to choose from.
From the options under Administration, select API credentials:
You can now continue on the current guide.
To generate the API Credentials, click the Add Credential button located towards the top-right of the window:
This will open up a new window where you can add the following details:
Credential name: provide a name for the credential, such as 'HighGround.io Integration'
Description: provide a brief description of the purpose of the credential
Role: this is the Service Principal that governs access to API's. For the purposes of integrating Sophos, you must select the role of Service Principal Super Admin
TIP
Select the option for Service Principal Super Admin from the Role drop-down.
STEP 4: Retrieve the Credentials
NOTE
Make sure to keep a note of your Client Secret, as Sophos will only show this once.
Now you have generated the API credentials, you will see a summary window like the one below:
You will need the Client ID and Client Secret to integrate Sophos with your HighGround account. Select Show Client Secret to see the Client Secret.
Clicking the Copy button next to each field will copy the string to your clipboard.
STEP 5: Integrate Sophos to your HighGround Account
You can now use the API credentials retrieved in the previous step to integrate Sophos to your HighGround account.
To do so, you will need to go to the Integrations area of your HighGround account, and find the Sophos tool under 'Endpoint Protection'. Clicking on 'Connect Tool' will open a window for you to enter your API credentials:
Continue in the integration window pictured above to complete the process of connecting your Sophos tool.
If you are unsure of how to complete the integration, you can look at our guide on How to Integrate a tool with your HighGround account.