SaaS Security Administrator's Guide
    : Onboard a Kustomer App to SSPM
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. SaaS Security Administrator's Guide
    4. SaaS Security Posture Management
    5. Onboard SaaS Apps Supported by SSPM
    6. Onboard a Kustomer App to SSPM
    Download PDF

    SaaS Security Administrator's Guide

    Onboard a Kustomer App to SSPM

    Table of Contents

    Onboard a Kustomer App to SSPM

    Connect a Kustomer instance to SSPM to detect posture risks.
    For SSPM to detect posture risks in your Kustomer instance, you must onboard your Kustomer instance to SSPM. Through the onboarding process, SSPM connects to a Kustomer API and, through the API, scans your Kustomer instance for misconfigured settings. If there are misconfigured settings, SSPM suggests a remediation action based on best practices.
    SSPM gets access to your Kustomer instance through an API access key. During the onboarding process, SSPM prompts you for the API access key and related information for your Kustomer instance.
    To onboard your Kustomer instance, you complete the following actions:

    Collect Information for Accessing Your Kustomer Instance

    To access your Kustomer instance, SSPM requires the following information, which you will specify during the onboarding process.
    ItemDescription
    API Key
    A generated character string that uniquely identifies your organization to the Kustomer API. SSPM requires this API key to authenticate to the Kustomer API.
    Required permissions: The API key must be generated by an administrator. The administrator must configure the key to have the org.permission role.
    Region
    The region (US or EU) where your organization deployed the Kustomer.
    As you complete the following steps, make note of the values of the items described in the preceding table. You will need to enter these values during onboarding to access your Kustomer instance from SSPM.
    1. Log in to Kustomer as an administrator.
      1. Open a web browser and go to the Kustomer login page at www.kustomerapp.com/domain. Enter your organization name and Continue.
      2. Log in using administrator credentials.
    2. Generate an API key for your organization.
      1. Click the settings icon (gear icon) in the lower-left corner of the window, and select SECURITYAPI Keys.
      2. + Add API Key.
      3. Fill in the fields of the ADD API KEY dialog.
        • Enter a name for the new API key.
        • In the Roles field, specify org.permission
          Required permissions: The key must be configured with the org.permission role.
        • Specify an expiration date for the key.
      4. Create the key.
        Kustomer generates and displays your new key.
      5. Copy the API key and paste it into a text file.
        Do not continue to the next step unless you have copied the API Key. You must provide this key to SSPM during the onboarding process.
    3. Identify the region (United States or European Union) where your organization instance was deployed. Because API calls are region specific, you must provide this information to SSPM during the onboarding process.

    Connect SSPM to Your Kustomer Instance

    By adding a Kustomer app in SSPM, you enable SSPM to connect to your Kustomer instance.
    1. From the Add Application Page (Posture SecurityApplicationsAdd Application), click the Kustomer tile.
    2. Under posture security instances, Add Instance or, if there is already an instance configured, Add New instance.
    3. Enter the API Key, and Connect.

    © 2024 Palo Alto Networks, Inc. All rights reserved.