Begin Scanning a Confluence App (Beta)
Add your Confluence app to SaaS Security API to begin
scanning and monitoring assets for possible security risks.
To connect a Confluence app to SaaS Security
API and begin scanning assets, you need to:
- Retrieve the SaaS Security API public key required to create the application links.
- Configure the application links required for authentication and communication between SaaS Security API and your Confluence account.
- Add the Confluence app to SaaS Security API.
For
information on which automated remediation capabilities SaaS Security
API supports with Confluence, refer to Supported Content, Remediation and Monitoring.
Prepare To Add Confluence App
Before you begin, verify that you have the
correct permissions and follow any recommendations to ensure an
efficient and successful onboarding. By default, the
site-admins
group
or administrators
group on Confluence provides
the necessary permissions to onboard the Confluence app.- (Recommended) Add your Confluence domain as an internal domain.
- Verify that your Confluence account has Administrator permissions.
Retrieve SaaS Security API Public Key
Before you can create application links to connect
your Confluence account to SaaS Security API, you must retrieve
the public key from SaaS Security API for the Confluence app. You
will enter this public key in the Confluence web interface when
you configure the application
links.
- Log in to SaaS Security.
- Select, then record theAdd a Cloud AppConfluenceClick here to prepare your Confluence AccountPublic Key.
Configure the Application Links
Before you can add the Confluence app, you
must prepare your Confluence account to connect to SaaS Security
API. As you do so, take note of the following values, as they are
required to add Confluence app on SaaS Security API:
Item | Description |
---|---|
Confluence URL | URL you use to log in to your Confluence
cloud account. For example, https://acmecorp.atlassian.net/wiki |
Application URL | URL ( https://aperture.paloaltonetworks.com ) to
which you will map the Confluence URL. |
Consumer Key | Key you assign in Confluence and that’s
used by SaaS Security API to authenticate and make secure API calls
to Confluence. |
Consumer Name | Descriptive name you assign in Confluence
for the Consumer Key. |
Public Key | SaaS Security API public key for Confluence
app. Public key displays in the SaaS Security API web interface
as outlined in Retrieve SaaS Security API Public Key. |
- Log in to your Confluence cloud account with Administrator permissions (for example,https://acmecorp.atlassian.net/).
- Select.AppsManage appsApplication Links
- InConfigure Application Links, enter Application URLhttps://aperture.paloaltonetworks.com, and thenCreate new Link.
- SelectUse this URL, thenContinue.
- EnterSaaS Security APIinApplication Name, selectConfluenceinApplication Type, selectCreate incoming Linkto link Confluence URL to the SaaS Security API Application URL, thenContinue.
- Enter any value forConsumer Key,Consumer Name, andPublic Keyto enable SaaS Security API to authenticate and make secure API calls to Confluence.Take note of theConsumer Keyyou assign because you will need this value when you add the Confluence app to SaaS Security API.
- Both Consumer Key and Consumer Name must be unique. Valid values (characters and length) are defined by Atlassian, not SaaS Security API. The Confluence web interface informs you if your values do not comply with Atlassian’s convention.
- Public Key is the key you recorded in Retrieve SaaS Security API Public Key.
- EdittheApplication LinkinConnectionsto set theIncomingoption toOAuthandSaveyour setting changes.
- Next Step: Proceed to Add Confluence App.
Add Confluence App
Before you add the Confluence app, you must Configure the Application Links.
- Log in to your Confluence cloud account (for example,https://acmecorp.atlassian.net/) with Administrator privileges.
- From theDashboard, selectAdd a Cloud App.
- SelectConfluence.
- Connect to Confluence Account.
- InConfluence Custom Configurationenter theConfluence URL—the URL that you use to log in to your Confluence cloud account—and theConsumer Keythat you recorded in Configure the Application Links.
- ClickOK.
- AllowSaaS Security API access to your Confluence account.SaaS Security API adds the new Confluence app to the Cloud Apps list asConfluencen, where n is the number of Confluence app instances that you connected to SaaS Security API. For example, if you added one Confluence app, the name displays asConfluence 1. You’ll specify a descriptive name soon.Congratulations—you’ve completed the onboarding process!
- Next Step: Proceed to Identify Risks and begin scanning your assets.
Identify Risks
When you add a new cloud app and enable scanning,
SaaS Security API automatically scans the cloud app against the
default data patterns and displays the match occurrences. You can
take action now to improve your scan results and identify risks.
- Start scanning the new Confluence app for risks.
- During the discovery phase, SaaS Security API scans files and matches them against enabled default policy rules.Verify that your default policy rules are effective. If the results don’t capture all risks or you see false positives, proceed to the next step.
- (Optional) Add new policy rules.Consider the business use of your app, then identify risks unique to your enterprise. As necessary, add new:
- (Optional) Configure or edit a data pattern.You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
Customize Confluence App
If you plan to manage more than one instance
of Confluence app, consider differentiating your instances.
- (Optional) Give a descriptive name to this app instance.
- Select the Confluence n link on the Cloud Apps list.
- Enter a descriptiveName.
- ClickDoneto save your changes.
- Next Step: Proceed to Fix Confluence Onboarding Issues.
Fix Confluence Onboarding Issues
The most common issues related to onboarding the Confluence
app are as follows:
Symptom | Explanation | Solution |
---|---|---|
During the course of creating application links,
the Confluence web interface displays errors, requesting required
Service provider, Shared secret, Request Token URL, and Access Token
URL. | These errors are not required for onboarding. These
errors occur when you forget to select the Create income link checkbox. | Delete the application links you created
and recreate them with the Create income link selected. |
Recommended For You
Recommended Videos
Recommended videos not found.