Skip to main content
 

Tip

This article was accurate at the time of writing, but changes happen. If you find the instructions are outdated, leave a description in the comment field below and let us know!

Step 1: Enable console access

You can create either a local account or an AD user through portal.azure.com.

  1. Go to admin.microsoft.com to create a new user.

  2. Scroll to Users and click Active Users.

  3. Select Add a user.

  4. Set Expel as first name and SOC as last name.

  5. Scroll to the bottom and grant global reader role for the user.

Step 2: Generate API credentials

  1. Go to the MDCA portal http://portal.cloudappsecurity.com/ using the account credentials created in Step 1.

  2. Go to the Settings menu and select Security extensions and then API tokens.

    Screen Shot 2021-03-05 at 12.40.26 PM.png
  3. Generate a new token, provide a name to identify the token, and click Next.

  4. Copy the token value and save it somewhere safe. You need this later.

  5. After you generate a new token, you're provided with a new URL to access Microsoft Defender for Cloud Apps.

    Important

    The token has the privileges of the user created in Step 1 who issued it.

Step 3: Configure the technology in Workbench

  1. In a new browser tab, login to https://workbench.expel.io.

  2. On the console page, navigate to Settings and click Security Devices.

  3. At the top of the page, click Add Security Device.

    Button_WB_add_security_device.png
  4. Search for and select your technology.

    mceclip0.png
    • For Name type the host name of the Microsoft Defender for Cloud Apps device.

    • For Location type the geographic location of the appliance.

    • For URL, type from Step 2.

    • For Token, type from Step 2.

MCAS, MS Cloud App Security, MS Defender, Microsoft Cloud Application Security