Begin Scanning a Confluence App (Beta)

Add your Confluence app to Prisma SaaS to begin scanning and monitoring assets for possible security risks.
To connect a Confluence app to Prisma SaaS and begin scanning assets, you need to:
  • Retrieve the Prisma SaaS public key required to create the application links.
  • Configure the application links required for authentication and communication between Prisma SaaS and your Confluence account.
  • Add the Confluence app to Prisma SaaS.
For information on which automated remediation capabilities Prisma SaaS supports with Confluence, refer to Supported Applications with Remediation.

Prepare To Add Confluence App

Before you begin, verify that you have the correct permissions and follow any recommendations to ensure an efficient and successful onboarding. By default, the
site-admins
group or
administrators
group on Confluence provides the necessary permissions to onboard the Confluence app.
  1. (
    Recommended
    ) Add your Confluence domain as an internal domain.
  2. Verify that your Confluence account has Administrator permissions.
    confluence-admin-permissions.png

Retrieve Prisma SaaS Public Key

Before you can create application links to connect your Confluence account to Prisma SaaS, you must retrieve the public key from Prisma SaaS for the Confluence app. You will enter this public key in Confluence UI when you configure the application links.
  1. Log in to Prisma SaaS.
  2. Select
    Add a Cloud App
    Confluence
    Click here to prepare your Confluence Account
    , then record the
    Public Key
    .
    confluence-public-key-copy.png

Configure the Application Links

Before you can add the Confluence app, you must prepare your Confluence account to connect to Prisma SaaS. As you do so, take note of the following values, as they are required to add Confluence app on Prisma SaaS:
Item
Description
Confluence URL
URL you use to log in to your Confluence cloud account. For example,
https://acmecorp.atlassian.net/wiki
Application URL
URL (
https://aperture.paloaltonetworks.com
) to which you will map the Confluence URL.
Consumer Key
Key you assign in Confluence and that’s used by Prisma SaaS to authenticate and make secure API calls to Confluence.
Consumer Name
Descriptive name you assign in Confluence for the Consumer Key.
Public Key
Prisma SaaS public key for Confluence app. Public key displays in Prisma SaaS UI as outlined in Retrieve Prisma SaaS Public Key.
  1. Log in to your Confluence cloud account with Administrator permissions (for example,
    https://acmecorp.atlassian.net/
    ).
  2. Select
    Apps
    Manage apps
    Application Links
    .
  3. In
    Configure Application Links
    , enter Application URL
    https://aperture.paloaltonetworks.com
    , and then
    Create new Link
    .
    confluence-create-app-link-1.png
  4. Select
    Use this URL
    , then
    Continue
    .
    confluence-create-app-link-2-nocheckbox.png
  5. Enter
    Prisma SaaS
    in
    Application Name
    , select
    Confluence
    in
    Application Type
    , select
    Create incoming Link
    to link Confluence URL to the Prisma SaaS Application URL, then
    Continue
    .
    confluence-create-app-link-3.png
  6. Enter any value for
    Consumer Key
    ,
    Consumer Name
    , and
    Public Key
    to enable Prisma SaaS to authenticate and make secure API calls to Confluence.
    Take note of the
    Consumer Key
    you assign because you will need this value when you add the Confluence app to Prisma SaaS.
    • Both Consumer Key and Consumer Name must be unique. Valid values (characters and length) are defined by Atlassian, not Prisma SaaS. Confluence UI informs you if your values do not comply with Atlassian’s convention.
    • Public Key is the key you recorded in Retrieve Prisma SaaS Public Key.
    confluence-create-app-link-4.png
  7. Edit
    the
    Application Link
    in
    Connections
    to set the
    Incoming
    option to
    OAuth
    and
    Save
    your setting changes.
    confluence-create-app-link-5.png
  8. Next Step
    : Proceed to Add Confluence App.

Add Confluence App

Before you add the Confluence app, you must Configure the Application Links.
  1. Log in to your Confluence cloud account (for example,
    https://acmecorp.atlassian.net/
    ) with Administrator privileges.
  2. From the Prisma SaaS Dashboard, select
    Add a Cloud App
    .
  3. Select
    Confluence
    .
    confluence-tile-frame-beta.png
  4. Connect to Confluence Account
    .
  5. In
    Confluence Custom Configuration
    enter the
    Confluence URL
    —the URL that you use to log in to your Confluence cloud account—and the
    Consumer Key
    that you recorded in Configure the Application Links.
    confluence-create-app-link-7.png
  6. Click
    OK
    .
  7. Allow
    Prisma SaaS access to your Confluence account.
    confluence-create-app-link-6.png
    Prisma SaaS adds the new Confluence app to the Cloud Apps list as
    Confluence
     
    n
    , where
    n
    is the number of Confluence app instances that you connected to Prisma SaaS. For example, if you added one Confluence app, the name displays as
    Confluence 1
    . You’ll specify a descriptive name soon.
    Congratulations—you’ve completed the onboarding process!
  8. Next Step
    : Proceed to Identify Risks and begin scanning your assets.

Identify Risks

When you add a new cloud app and enable scanning, Prisma SaaS automatically scans the cloud app against the default data patterns and displays the match occurrences. You can take action now to improve your scan results and identify risks.
  1. Start scanning the new Confluence app for risks.
  2. During the discovery phase, Prisma SaaS scans files and matches them against enabled default policy rules.
    Verify that your default policy rules are effective. If the results don’t capture all risks or you see false positives, proceed to the next step.
  3. (
    Optional
    ) Add new policy rules.
    Consider the business use of your app, then identify risks unique to your enterprise. As necessary, add new:
  4. (
    Optional
    ) Configure or edit a data pattern.
    You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
  5. Next Step
    : Proceed to Customize Confluence App and Fix Confluence Onboarding Issues, if necessary.

Customize Confluence App

If you plan to manage more than one instance of Confluence app, consider differentiating your instances.
  1. (
    Optional
    ) Give a descriptive name to this app instance.
    1. Select the Confluence 
      n
      link on the Cloud Apps list.
    2. Enter a descriptive
      Name
      .
    3. Click
      Done
      to save your changes.
  2. Next Step
    : Proceed to Fix Confluence Onboarding Issues.

Fix Confluence Onboarding Issues

The most common issues related to onboarding the Confluence app are as follows:
Symptom
Explanation
Solution
During the course of creating application links, the Confluence UI displays errors, requesting required Service provider, Shared secret, Request Token URL, and Access Token URL.
These errors are not required for onboarding. These errors occur when you forget to select the
Create income link
checkbox.
Delete the application links you created and recreate them with the
Create income link
selected.

Recommended For You