URL
SentinelOne uses different subdomains based on your region and who you purchased your licenses from. To get this value, log in to S1 and copy the URL from your address bar. It should look likehttps://usea1-011.sentinelone.net/. Using console[.]sentinelone[.]net is not a valid value.
API Key
To create an API Key you’ll need to create a service user. SentinelOne offers two console UIs; use the tab that matches the interface you see after logging in.- Classic console
- Singularity Operations Center
- Settings > Users > Service Users
- Service Users > Actions > Create New Service User
- You may name it anything you’d like; we suggest Tier4
- When prompted to Select Scope of Access, we recommend Site > Client for MSP setups so access is scoped to the client being onboarded
- Set the expiration to a value you feel comfortable with; we suggest 1 year. When the token expires you will receive an email notification from us saying the integration is experiencing errors. We also suggest setting a calendar reminder to update the token before it expires
- Copy the API token
- Login to Tier4 and navigate to Integrations > SentinelOne and enter URL and API Key
Use the built-in SOC role for this service user. SentinelOne includes this role by default.