Discovering SaaS services
As part of SaaS native data protection, R‑Cloud allows you to discover all SaaS services to which you are subscribed and map them by using R-Graph. This helps you to understand the scope of protected and unprotected SaaS data, and to use R‑Cloud to establish the data protection environment according to your business needs.
SaaS service discovery starts automatically after you allow R‑Cloud to access the required SaaS service information by configuring an identity provider for SaaS service discovery in R‑Cloud. After your SaaS services are discovered, you can explore R-Graph, a visual representation of your SaaS data protection environment, which enables you to quickly gain insight into the status of your SaaS application data protection. For details, see Exploring R-Graph.
Prerequisites
-
For Microsoft Entra ID: Your service principal must have the
Microsoft Graph/Application.Read.All
application resource permissions. -
For Okta: You must use a custom role with permissions to view applications and their details, and a custom resource set that is constrained to all applications.
To access the Discover Services dialog box, click Administration, and then select Discover Services.
Procedure
-
In the Discovery Services dialog box, click New.
-
From the Identity provider drop-down menu, select your identity provider, and then follow the instructions:
Identity provider Instructions Microsoft Entra ID -
In the Display name field, enter a display name for Microsoft Entra ID.
-
In the Client ID field, enter the application ID that is generated by Microsoft Entra ID.
-
In the Client secret field, enter the application secret that is associated with the client ID and generated by Microsoft Entra ID.
-
In the Tenant ID, enter the identifier for the tenant that is based on the tenant name and can be found in the Microsoft Entra ID properties.
Okta -
In the Display name field, enter a display name for Okta.
-
In the Okta URL field, enter your Okta domain that you can find in the global header located in the upper-right corner of the Admin Dashboard.
-
In the API token field, enter the token that is used to authenticate requests to Okta APIs.
-
-
Click Save. The identity provider is added to the list of identity providers.
You can later edit any of the existing identity providers (click Edit and make the required modifications) or delete the ones that you do not need anymore (click Delete).