>
    Onboard a Sentry App to SSPM
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. Onboard SaaS Apps Supported by SSPM
    4. Onboard a Sentry App to SSPM
    Download PDF
    SaaS Security

    Onboard a Sentry App to SSPM

    Table of Contents

    Onboard a Sentry App to SSPM

    Onboard a Sentry app to SSPM to detect posture risks.
    Where Can I Use This?What Do I Need?
    • Strata Cloud Manager
    • SaaS Security Posture Management license
    Or any of the following licenses that include the Data Security license:
    • CASB-X
    • CASB-PA
    For SSPM to detect posture risks in your Sentry instance, you must onboard your Sentry instance to SSPM. Through the onboarding process, SSPM connects to a Sentry API by using an API token that you generate from a Sentry account. After connecting to the Sentry API, SSPM scans your Sentry instance for misconfigured settings and account risks.
    The supported Sentry account plan for SSPM scans is the Business Plan.
    To access your Sentry instance, SSPM requires the following information, which you will specify during the onboarding process.
    ItemDescription
    Personal Token
    A personal access token that you generate from a Sentry account. The token is a unique, alphanumeric string that gives SSPM read-only access to organization and member data for a Sentry organization.
    To onboard your Sentry instance, you complete the following actions:
    1. Generate and copy a personal access token with read permission to organization and member information.
      1. Identify the Sentry account that you will use to create the Sentry app.
        Required Permissions: No elevated permissions are required, but the account must be a member of the organization you want SSPM to scan.
      2. Open a web browser to the Sentry login page and log in to the account you identified.
      3. On the Sentry dashboard, locate the account drop-down menu in the upper left corner. From the drop-down menu, select Personal Tokens.
        The Personal Tokens page lists any personal tokens that you have created.
      4. On the Personal Tokens page, click Create New Token.
      5. Sentry prompts you to select the permission scopes for your token. Select the following Scopes:
        member:read
        org:read
      6. On the Create New Personal Token page, enter a name for your token, such as SSPM Integration Token and Create Token.
      7. Sentry displays your personal access token. Cope the token and paste it into a text file.
        Don’t continue to the next step unless you have copied the personal token. You must provide this token to SSPM during the onboarding process.
    2. Connect SSPM to your Sentry instance.
      In SSPM, complete the following steps to enable SSPM to connect to your Sentry instance.
      1. Log in to Strata Cloud Manager.
      2. Select ManageConfigurationSaaS SecurityPosture SecurityApplicationsAdd Application and click the Sentry tile.
      3. On the Posture Security tab, Add New instance.
      4. Log in with Credentials.
      5. Enter your personal token and Connect.

    © 2025 Palo Alto Networks, Inc. All rights reserved.