> ## Documentation Index
> Fetch the complete documentation index at: https://docs.tier4ai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# SentinelOne

> Integrate with SentinelOne EDR

To integrate SentinelOne you will need two pieces of information, the URL and the API Key of your SentinelOne account.

## URL

SentinelOne uses different subdomains based on your region and who you purchased your licenses from. To get this value, log in to S1 and copy the URL from your address bar. It should look like `https://usea1-011.sentinelone.net/`. Using `console[.]sentinelone[.]net` is not a valid value.

## API Key

To create an API Key you'll need to create a service user. SentinelOne offers two console UIs; use the tab that matches the interface you see after logging in.

<Tabs>
  <Tab title="Classic console">
    1. **Settings** > **Users** > **Service Users**
    2. **Service Users** > **Actions** > **Create New Service User**
    3. You may name it anything you'd like; we suggest **Tier4**
    4. When prompted to **Select Scope of Access**, we recommend **Site** > **Client** for MSP setups so access is scoped to the client being onboarded
    5. Set the expiration to a value you feel comfortable with; we suggest 1 year. When the token expires you will receive an email notification from us saying the integration is experiencing errors. We also suggest setting a calendar reminder to update the token before it expires
    6. Copy the API token
    7. Login to Tier4 and navigate to **Integrations** > **SentinelOne** and enter URL and API Key
  </Tab>

  <Tab title="Singularity Operations Center">
    1. In the left sidebar, go to **Configure** > **Policies and settings**
    2. Under **User management**, click **Service users**
    3. Click **Create New Service User**
    4. Under **General**, enter a **Service Name** (we suggest **Tier4**) and an optional description
    5. Set **Expiration Date** to a value you feel comfortable with; we suggest 1 year. When the token expires you will receive an email notification from us saying the integration is experiencing errors. We also suggest setting a calendar reminder to update the token before it expires.
    6. Under **Permissions**, set the scope of access:
       * For MSP setups, select **Site**, choose the account from **Show Sites from Account**, then select the client site being onboarded
       * For single-tenant setups, choose **Account** or **Site** as appropriate for your environment
    7. For each selected site or account, assign the **SOC** role
    8. Click **Create Service User**, then copy the API token
    9. Login to Tier4 and navigate to **Integrations** > **SentinelOne** and enter URL and API Key
  </Tab>
</Tabs>

<Info>
  Use the built-in **SOC** role for this service user. SentinelOne includes this role by default.
</Info>