STEP 1: Login to SentinelOne
Note
You will need to login using an administrator account in order to setup the API.
Login to your organization's SentinelOne console.
STEP 2: Create an API User
In order to authenticate the API requests, you will need to create a new user for this purpose.
To do so, go to Settings from the main left-hand menu:
Once in Settings, navigate to the Users tab:
Click Service Users:
Click Actions and select Create New Service User:
This will pop-up another window where you can enter the Name, Description, and Expiration Date for the user you are creating. We suggest adding the name ' HighGround API' and setting Expiration Date - 1 Year:
Once you have entered those details, click Next.
STEP 3: Define the User's Scope of Access
After clicking Next in the previous step, you can now define the Scope of Access for this user. This scope will define what data you synchronize from SentinelOne to your HighGround account.
Info
For MSP's/IT Management companies who manage multiple clients within their SentinelOne console: you can either choose to synchronize data globally from all clients by allowing the user to have access to all accounts, OR, you can synchronize data for a limited number of clients by allowing the user to access only specific accounts or sites.
To synchronize all data: select Account, and tick the boxes next to all of the accounts.
To synchronize data from a specific account/s: select Account, and then tick the box next to your chosen account/s.
To synchronize data from a specific site/s: select Site, then from the drop-down menu select the Account that the Site is under, and then tick the box next to your chosen Site/s.
When you tick the box next to an Account or Site, you will see an option appear for you to select a role. This role dictates what permissions the user will have for each particular account/site.
From the options, select Viewer:
Make sure the Viewer option is selected for all of the accounts/sites that you have ticked.
Once you have completed the details above, click Create User.
The API Token is generated, please copy it for the later usage.
STEP 4: Integrate SentinelOne to your HighGround Account
You can now use the API Token retrieved in the previous step to integrate the tool to your HighGround account.
To do so, you will need to go to the Integrations area of your HighGround account, and find the SentinelOne tool under Endpoint Protection.
Clicking on 'Connect' will open a window for you to enter the following details;
API Token: This is the long string of characters - your API Token - which you retrieved in the previous step.
URL: In addition to the Token, you will need to enter your Management Console URL. This URL consists of your unique Instance ID followed by sentinelone.net. If you are still logged into your SentinelOne account, you can find this URL in the URL bar of the window where your have SentinelOne open. It is also the URL you use to login to your SentinelOne console (minus /login).
Confirm the tick box and click "Continue".
Congratulations, now SentinelOne is integrated into your HighGround Account! 🥳