SaaS Security Administrator's Guide
    : Onboard a Miro App to SSPM
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. SaaS Security Administrator's Guide
    4. SaaS Security Posture Management
    5. Onboard SaaS Apps Supported by SSPM
    6. Onboard a Miro App to SSPM
    Download PDF

    SaaS Security Administrator's Guide

    Onboard a Miro App to SSPM

    Table of Contents

    Onboard a Miro App to SSPM

    Connect a Miro instance to SSPM to detect posture risks.
    For SSPM to detect posture risks in your Miro instance, you must onboard your Miro instance to SSPM. Through the onboarding process, SSPM connects to a Miro API and, through the API, scans your Miro instance for misconfigured settings. If there are misconfigured settings, SSPM suggests a remediation action based on best practices.
    SSPM gets access to your Miro instance through OAuth 2.0 authorization. To enable OAuth 2.0 authorization, you first create an OAuth 2.0 application in Miro before onboarding your Miro instance in SSPM. During the onboarding process, you are prompted to log in to Miro and to grant SSPM the access it requires.
    To onboard your Miro instance, you complete the following actions:

    Collect Information for Connecting to Your Miro Instance

    To access your Miro instance, SSPM requires the following application credentials. You will create the OAuth 2.0 application and provide its credentials to SSPM during the onboarding process.
    Item
    Description
    Client ID
    SSPM will access a Miro API through an OAuth 2.0 application that you create. Miro generates the Client ID to uniquely identify this application.
    Client Secret
    SSPM will access the Miro API through an OAuth 2.0 application that you create. Miro generates the Client Secret, which SSPM uses to authenticate to this application.
    As you complete the following steps, make note of the values of the items described in the preceding table. You will need to enter these values during onboarding to enable SSPM to access your Miro instance.
    1. From SSPM, get a redirect URI. You will specify this redirect URI in the OAuth 2.0 application that you will create in Miro. To get this information, you will begin the onboarding process in SSPM, but you will not complete the process.
      1. From the Add Application page in SSPM (
        Posture Security
        Applications
        Add Application
        ), click the Miro tile.
      2. Under posture security instances,
        Add Instance
         or, if there is already an instance configured,
        Add New
         instance.
      3. Log in with Credentials
        .
        A connection page for onboarding a Miro instance is displayed. The Redirect URL field displays the redirect URL value.
      4. Copy the URL and paste it into a text file.
        Do not continue to the next step unless you have copied the redirect URL. You will need to specify this URL later when you are configuring your OAuth 2.0 application.
      5. Because you will not be completing the onboarding process until after you have created your OAuth 2.0 application and gathered the necessary configuration information, return to the
        Apps Onboarding
         page.
    2. Identify the administrator account that you will use to create your OAuth 2.0 application.
      (
      Required Permissions
      ) The OAuth 2.0 application must be created by a Miro administrator assigned to the Company Admin role.
    3. Create your OAuth 2.0 application.
      1. Open a web browser and go to the Miro login page at miro.com/login/.
      2. Log in to the Company Admin account that you identified earlier.
      3. Locate your profile icon and select
        <profile-icon>
        Settings
        .
      4. On your Profile settings page, select
        Your apps
        Create new app
        .
      5. In the
        Create new app
         dialog:
        1. Specify a name and developer team for your app.
        2. Select
          Expire user authorization token
          .
        3. Create app
          .
        Miro displays a page for configuring your app.
      6. The configuration page for your app displays the app credentials (Client ID and Client Secret). Copy these credentials and paste them into a text file.
        Do not continue to the next step unless you have copied the Client ID and Client Secret. You must provide this information to SSPM during the onboarding process.
      7. On the configuration page for your app, locate the
        Redirect URI for OAuth 2.0
         section.
        Add
         the redirect URI that you obtained from SSPM to your OAuth 2.0 application.
        Double check that the
        Expire user authorization token
         option is selected. You cannot change this option setting here, but should have made this selection in the
        Create new app
         dialog.
      8. On the configuration page for your app, locate the
        Permissions
         section. Select the following scopes for your app:
        • boards:read
        • organizations:teams:read
      9. Install app and get OAuth token
        .

    Connect SSPM to Your Miro Instance

    By adding a Miro app in SSPM, you enable SSPM to connect to your Miro instance.
    1. From the Add Application page (
      Posture Security
      Applications
      Add Application
      ), click the Miro tile.
    2. Under posture security instances,
      Add Instance
       or, if there is already an instance configured,
      Add New
       instance.
    3. Log in with Credentials
      .
    4. Enter the application credentials (Client ID and Client Secret) and
      Connect
      .
      SSPM redirects you to the Miro login page.
    5. Log in to Miro as a Miro administrator assigned to the Company Admin role.
      Miro displays a consent form that details the access permissions that SSPM requires.
    6. Review the consent form and allow access.
      After you have granted SPPM the access it requires, SPPM will use the Company Admin permissions to scan for misconfigurations across all of your Miro teams.

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.