Enable Group-Based Incident Management

Learn how to enable group-based incident management on SaaS Security API.
Group-based visibility requires Azure Active Directory integration, which has many benefits, including flexibility with incident management on SaaS Security API.
SaaS Security API enables you to limit an administrator’s access to cloud assets by defining the groups that you want the administrator to monitor for incident management purposes. First, however, you must Connect Azure Active Directory to SaaS Security.
To enable group-based incident management, you need to:
  • Assign the Incident Management role to an administrator on SaaS Security API.
  • Select the Active Directory groups that you want to make visible to that Incident Management administrator.
Using teams, SaaS Security API enables you to further customize an administrator’s access to specific cloud apps.
  1. Create an administrator account.
    As you create the account:
    1. Assign the administrator Incident Management role.
      This role limits the permissions for this administrator on SaaS Security API.
    2. Choose the
      AD Groups
      to limit Directory Group Visibility and
      Save
      your changes.
    3. Save
      the new account when you’re done choosing among the other options.
  2. Invite your Incident Management administrator to log in.
    When the incident management administrator logs in to SaaS Security, while they have limited access to most of the interface, they will be able to view asset details for the incidents generated by users who belong to the AD groups you included above.

Recommended For You