Tip
This article was accurate at the time of writing, but changes happen. If you find the instructions are outdated, leave a description in the comment field below and let us know!
Step 1: Enable console access
-
In the OneLogin console, select Administration.
-
Select Users and then New User.
-
Fill in the following fields:
-
First name: Expel
-
Last name: SOC
-
For Email: soc+<Your_Organization_Name>@expel.io.
Tip
Yes, the "+" sign is part of the email address (as in soc+megacorp@expel.io) and it's important. Click here to find out why.
-
Username: same as email
-
Password: set by user
-
Company: Expel
-
Leave the other fields blank.
-
-
Click Save User.
-
Notify your engagement manager that the registration email is sent.
Step 2: Generate API Credentials
-
Sign into your OneLogin as a user with Admin privileges.
-
Navigate to Administration.
-
Navigate to Developers > API Credentials.
-
Select New Credential.
-
Give the credential a name (such as Expel API) and select Read All and click Save.
-
Save a copy of the Client ID and Client Secret.
Step 3: Configure the technology in Workbench
Now that we have the correct access configured and noted the credentials, we can integrate your tech with Workbench.
-
Login to https://workbench.expel.io.
-
Navigate to Settings > Security Devices.
-
At the top of the page, click Add New Device.
-
Search for and select OneLogin (direct).
-
Select Expel Cloud Service for the SIEM.
-
Give the device a Name and Location.
-
Fill in fields for Client Secret and Client ID with credentials generated in Step 2.
-
Specify the Region of the OneLogin device (US, EU).
Comments
0 comments
Article is closed for comments.