Discovering SaaS services

As part of SaaS native data protection, R‑Cloud allows you to discover all SaaS services to which you are subscribed and map them by using R-Graph. This helps you to understand the scope of protected and unprotected SaaS data, and to use R‑Cloud to establish the data protection environment according to your business needs.

SaaS service discovery starts automatically after you allow R‑Cloud to access the required SaaS service information by configuring an identity provider for SaaS service discovery in R‑Cloud. After your SaaS services are discovered, you can explore R-Graph, a visual representation of your SaaS data protection environment, which enables you to quickly gain insight into the status of your SaaS application data protection. For details, see Exploring R-Graph.

Prerequisites

For Microsoft Entra ID: Your service principal must have the Microsoft Graph/Application.Read.All application resource permissions.
For Okta: You must use a custom role with permissions to view applications and their details, and a custom resource set that is constrained to all applications.

Procedure

In the Discover Services dialog box, click New.

From the Identity Provider drop-down menu, select your identity provider, and then follow the instructions:

Identity provider	Instructions
Microsoft Entra ID	In the Display Name field, enter a display name for Microsoft Entra ID. In the Client ID field, enter the application ID that was generated for R‑Cloud by Microsoft Entra ID. In the Client Secret field, enter the application secret that was generated by Microsoft Entra ID for the application ID that you entered in the Client ID field. In the Tenant ID, enter your Microsoft Entra ID tenant ID.
Okta	In the Display Name field, enter a display name for Okta. In the Okta URL field, enter the URL of your Okta domain. You can find the domain in the global header located in the upper-right corner of your Okta Admin Dashboard. In the API Token field, enter the token that is used to authenticate requests to Okta via Okta APIs. You can find the Okta API token in the Okta Admin Console by navigating to Security, then to API, and then to the Tokens tab.

Identity provider

Instructions

Microsoft Entra ID

In the Display Name field, enter a display name for Microsoft Entra ID.
In the Client ID field, enter the application ID that was generated for R‑Cloud by Microsoft Entra ID.
In the Client Secret field, enter the application secret that was generated by Microsoft Entra ID for the application ID that you entered in the Client ID field.
In the Tenant ID, enter your Microsoft Entra ID tenant ID.

Okta

In the Display Name field, enter a display name for Okta.
In the Okta URL field, enter the URL of your Okta domain. You can find the domain in the global header located in the upper-right corner of your Okta Admin Dashboard.
In the API Token field, enter the token that is used to authenticate requests to Okta via Okta APIs. You can find the Okta API token in the Okta Admin Console by navigating to Security, then to API, and then to the Tokens tab.

Click Save. The identity provider is added to the list of identity providers.

You can later edit any of the existing identity providers (click Edit Edit and make the required modifications) or delete the ones that you do not need anymore (click Delete Delete).