Creating an Expel connection
Using API Token
To create the connection you need:- A Token
Obtaining the credentials
- Log in to Workbench.
- In the side menu, navigate to Organization Settings > Service Accounts. If you have multiple organizations, you must select the appropriate organization name from the list.
- Select Add Service Account.
- Name the Service account.
- Select the appropriate role for this service account.
Admins can access all API calls, while analysts can perform non-administrative actions like completing investigations or sending remediation actions but cannot perform administrative tasks like adding context or users.
- To enable read-only API access for the service account, select the Read-only Access checkbox.
- In the new service account, select Generate API Key.
Only users with API access can view this page and generate API keys.
- Enter a name for the API key, then select Next.
- Copy the API key and save it to a safe place (this is the only time you can view your API key), then select Done.
Creating your connection
- In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens displaying icons of external service providers available.
- Select the Expel icon. A dialog box with name of the connection and connection methods appear.
- (Optional) Edit the name of the connection. At a later stage you cannot edit the name.
- Select API Token as the method to create the connection.
- Fill in the parameters:
- The Token
- (Optional) Click Test Connection to test it.
- Click Create connection. The new connection appears on the Connections page.