Discovering SaaS services

As part of SaaS native data protection, R‑Cloud allows you to discover all SaaS services to which you are subscribed and map them by using R-Graph. This helps you to understand the scope of protected and unprotected SaaS data, and to use R‑Cloud to establish the data protection environment according to your business needs.

SaaS service discovery starts automatically after you allow R‑Cloud to access the required SaaS service information by configuring an identity provider for SaaS service discovery in R‑Cloud. After your SaaS services are discovered, you can explore R-Graph, a visual representation of your SaaS data protection environment, which enables you to quickly gain insight into the status of your SaaS application data protection. For details, see Exploring R-Graph.

Prerequisites

For Microsoft Entra ID: Your service principal must have the Microsoft Graph/Application.Read.All application resource permissions.
For Okta: You must use a custom role with permissions to view applications and their details, and a custom resource set that is constrained to all applications.

Procedure

In the Discovery Services dialog box, click New.

From the Identity provider drop-down menu, select your identity provider, and then follow the instructions:

Identity provider	Instructions
Microsoft Entra ID	In the Display name field, enter a display name for Microsoft Entra ID. In the Client ID field, enter the application ID that is generated by Microsoft Entra ID. In the Client secret field, enter the application secret that is associated with the client ID and generated by Microsoft Entra ID. In the Tenant ID, enter the identifier for the tenant that is based on the tenant name and can be found in the Microsoft Entra ID properties.
Okta	In the Display name field, enter a display name for Okta. In the Okta URL field, enter your Okta domain that you can find in the global header located in the upper-right corner of the Admin Dashboard. In the API token field, enter the token that is used to authenticate requests to Okta APIs.

Identity provider

Instructions

Microsoft Entra ID

In the Display name field, enter a display name for Microsoft Entra ID.
In the Client ID field, enter the application ID that is generated by Microsoft Entra ID.
In the Client secret field, enter the application secret that is associated with the client ID and generated by Microsoft Entra ID.
In the Tenant ID, enter the identifier for the tenant that is based on the tenant name and can be found in the Microsoft Entra ID properties.

Okta

In the Display name field, enter a display name for Okta.
In the Okta URL field, enter your Okta domain that you can find in the global header located in the upper-right corner of the Admin Dashboard.
In the API token field, enter the token that is used to authenticate requests to Okta APIs.

Click Save. The identity provider is added to the list of identity providers.

You can later edit any of the existing identity providers (click Edit Edit and make the required modifications) or delete the ones that you do not need anymore (click Delete Delete).