1. Home
    2. SaaS Security
    3. SaaS Security Administrator's Guide
    4. SaaS Security API
    5. Secure Sanctioned SaaS Apps on SaaS Security API
    6. Add Cloud Apps to SaaS Security API
    7. Begin Scanning a Confluence App (Beta)

    Begin Scanning a Confluence App (Beta)

    Add your Confluence app to SaaS Security API to begin scanning and monitoring assets for possible security risks.
    To connect a Confluence app to SaaS Security API and begin scanning assets, you need to:
    • Retrieve the SaaS Security API public key required to create the application links.
    • Configure the application links required for authentication and communication between SaaS Security API and your Confluence account.
    • Add the Confluence app to SaaS Security API.
    For information on which automated remediation capabilities SaaS Security API supports with Confluence, refer to Supported Applications with Remediation.

    Prepare To Add Confluence App

    Before you begin, verify that you have the correct permissions and follow any recommendations to ensure an efficient and successful onboarding. By default, the
    site-admins
     group or
    administrators
     group on Confluence provides the necessary permissions to onboard the Confluence app.
    1. (
      Recommended
      ) Add your Confluence domain as an internal domain.
    2. Verify that your Confluence account has Administrator permissions.

    Retrieve SaaS Security API Public Key

    Before you can create application links to connect your Confluence account to SaaS Security API, you must retrieve the public key from SaaS Security API for the Confluence app. You will enter this public key in the Confluence web interface when you configure the application links.
    1. Log in to SaaS Security.
    2. Select
      Add a Cloud App
      Confluence
      Click here to prepare your Confluence Account
      , then record the
      Public Key
      .

    Configure the Application Links

    Before you can add the Confluence app, you must prepare your Confluence account to connect to SaaS Security API. As you do so, take note of the following values, as they are required to add Confluence app on SaaS Security API:
    Item
    Description
    Confluence URL
    URL you use to log in to your Confluence cloud account. For example,
    https://acmecorp.atlassian.net/wiki
    Application URL
    URL (
    https://aperture.paloaltonetworks.com
    ) to which you will map the Confluence URL.
    Consumer Key
    Key you assign in Confluence and that’s used by SaaS Security API to authenticate and make secure API calls to Confluence.
    Consumer Name
    Descriptive name you assign in Confluence for the Consumer Key.
    Public Key
    SaaS Security API public key for Confluence app. Public key displays in the SaaS Security API web interface as outlined in Retrieve SaaS Security API Public Key.
    1. Log in to your Confluence cloud account with Administrator permissions (for example,
      https://acmecorp.atlassian.net/
      ).
    2. Select
      Apps
      Manage apps
      Application Links
      .
    3. In
      Configure Application Links
      , enter Application URL
      https://aperture.paloaltonetworks.com
      , and then
      Create new Link
      .
    4. Select
      Use this URL
      , then
      Continue
      .
    5. Enter
      SaaS Security API
       in
      Application Name
      , select
      Confluence
       in
      Application Type
      , select
      Create incoming Link
       to link Confluence URL to the SaaS Security API Application URL, then
      Continue
      .
    6. Enter any value for
      Consumer Key
      ,
      Consumer Name
      , and
      Public Key
       to enable SaaS Security API to authenticate and make secure API calls to Confluence.
      Take note of the
      Consumer Key
       you assign because you will need this value when you add the Confluence app to SaaS Security API.
      • Both Consumer Key and Consumer Name must be unique. Valid values (characters and length) are defined by Atlassian, not SaaS Security API. The Confluence web interface informs you if your values do not comply with Atlassian’s convention.
      • Public Key is the key you recorded in Retrieve SaaS Security API Public Key.
    7. Edit
       the
      Application Link
       in
      Connections
       to set the
      Incoming
       option to
      OAuth
       and
      Save
       your setting changes.
    8. Next Step
      : Proceed to Add Confluence App.

    Add Confluence App

    Before you add the Confluence app, you must Configure the Application Links.
    1. Log in to your Confluence cloud account (for example,
      https://acmecorp.atlassian.net/
      ) with Administrator privileges.
    2. From the
      Dashboard
      , select
      Add a Cloud App
      .
    3. Select
      Confluence
      .
    4. Connect to Confluence Account
      .
    5. In
      Confluence Custom Configuration
       enter the
      Confluence URL
      —the URL that you use to log in to your Confluence cloud account—and the
      Consumer Key
       that you recorded in Configure the Application Links.
    6. Click
      OK
      .
    7. Allow
       SaaS Security API access to your Confluence account.
      SaaS Security API adds the new Confluence app to the Cloud Apps list as
      Confluence
       n, where n is the number of Confluence app instances that you connected to SaaS Security API. For example, if you added one Confluence app, the name displays as
      Confluence 1
      . You’ll specify a descriptive name soon.
      Congratulations—you’ve completed the onboarding process!
    8. Next Step
      : Proceed to Identify Risks and begin scanning your assets.

    Identify Risks

    When you add a new cloud app and enable scanning, SaaS Security API automatically scans the cloud app against the default data patterns and displays the match occurrences. You can take action now to improve your scan results and identify risks.
    1. Start scanning the new Confluence app for risks.
    2. During the discovery phase, SaaS Security API scans files and matches them against enabled default policy rules.
      Verify that your default policy rules are effective. If the results don’t capture all risks or you see false positives, proceed to the next step.
    3. (
      Optional
      ) Add new policy rules.
      Consider the business use of your app, then identify risks unique to your enterprise. As necessary, add new:
    4. (
      Optional
      ) Configure or edit a data pattern.
      You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
    5. Next Step
      : Proceed to Customize Confluence App and Fix Confluence Onboarding Issues, if necessary.

    Customize Confluence App

    If you plan to manage more than one instance of Confluence app, consider differentiating your instances.
    1. (
      Optional
      ) Give a descriptive name to this app instance.
      1. Select the Confluence n link on the Cloud Apps list.
      2. Enter a descriptive
        Name
        .
      3. Click
        Done
         to save your changes.
    2. Next Step
      : Proceed to Fix Confluence Onboarding Issues.

    Fix Confluence Onboarding Issues

    The most common issues related to onboarding the Confluence app are as follows:
    Symptom
    Explanation
    Solution
    During the course of creating application links, the Confluence web interface displays errors, requesting required Service provider, Shared secret, Request Token URL, and Access Token URL.
    These errors are not required for onboarding. These errors occur when you forget to select the
    Create income link
     checkbox.
    Delete the application links you created and recreate them with the
    Create income link
     selected.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2021 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo