What Living Security needs
Scopes: Read access to Alerts and Users
Required role: Customer Cloud Admin or Security Center User with API Client management permissions
Prerequisites
- You must be signed in to the Code42 console with a role that has permission to manage API Clients.
Part A — In Code42
Your Code42 administrator completes these steps.1
Navigate to API Client Management
- Sign in to your Code42 console (e.g.,
console.us.code42.com). - In the left navigation, click Settings, then select API Clients.
2
Create an API Client
- Click Add new API Client.
- Enter a descriptive name (e.g.,
Living Security Platform). - Select the access level that grants read access to Alerts and Users:
In most deployments, the Security Center User role or equivalent read-only role is sufficient.
- Click Create.
Grant only the access level needed for read operations. Administrative or write-level permissions are not required.
3
Identify your regional API host
Match your Code42 console URL to the corresponding API host:
Enter the host only — no
https:// prefix and no trailing slash.4
Copy and save your credentials
Copy the Client ID and Client secret values and store them securely.
Part B — In the Living Security Platform
The program owner completes this step, or the system admin if using delegated setup.1
Troubleshooting
403 Forbidden
403 Forbidden
The API Client lacks read access to Alerts or Users. Create a new API Client with the Security Center User role or equivalent read permissions.
Wrong regional API host
Wrong regional API host
Using the wrong host causes authentication to fail. Verify:
- US accounts use
api.us.code42.comorapi.us2.code42.com - EU accounts use
api.ie.code42.com - Gov accounts use
api.gov.code42.com
Missing Client ID field
Missing Client ID field
The connection dialog’s API Key field accepts the client secret. The Client ID is handled internally during OAuth2 token exchange.

