Discovering SaaS services
As part of SaaS native data protection, R‑Cloud allows you to discover all SaaS services to which you are subscribed and map them by using R-Graph. This helps you to understand the scope of protected and unprotected SaaS data, and to use R‑Cloud to establish the data protection environment according to your business needs.
SaaS service discovery starts automatically after you allow R‑Cloud to access the required SaaS service information by configuring an identity provider for SaaS service discovery in R‑Cloud. After your SaaS services are discovered, you can explore R-Graph, a visual representation of your SaaS data protection environment, which enables you to quickly gain insight into the status of your SaaS application data protection. For details, see Exploring R-Graph.
Prerequisites
-
For Microsoft Entra ID: Your service principal must have the
Microsoft Graph/Application.Read.All
application resource permissions. -
For Okta: You must use a custom role with permissions to view applications and their details, and a custom resource set that is constrained to all applications.

To access the Discover Services dialog box, click Administration, and then select Discover Services.
Procedure
-
In the Discover Services dialog box, click
New.
-
From the Identity Provider drop-down menu, select your identity provider, and then follow the instructions:
Identity provider Instructions Microsoft Entra ID -
In the Display Name field, enter a display name for Microsoft Entra ID.
-
In the Client ID field, enter the application ID that was generated for R‑Cloud by Microsoft Entra ID.
-
In the Client Secret field, enter the application secret that was generated by Microsoft Entra ID for the application ID that you entered in the Client ID field.
-
In the Tenant ID, enter your Microsoft Entra ID tenant ID.
Okta -
In the Display Name field, enter a display name for Okta.
-
In the Okta URL field, enter the URL of your Okta domain. You can find the domain in the global header located in the upper-right corner of your Okta Admin Dashboard.
-
In the API Token field, enter the token that is used to authenticate requests to Okta via Okta APIs. You can find the Okta API token in the Okta Admin Console by navigating to Security, then to API, and then to the Tokens tab.
-
-
Click Save. The identity provider is added to the list of identity providers.
You can later edit any of the existing identity providers (click Edit and make the required modifications) or delete the ones that you do not need anymore (click
Delete).