> ## Documentation Index
> Fetch the complete documentation index at: https://docs.livingsecurity.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Netskope

> Connect Netskope to import security alerts and web activity data.

export const ConnectInPlatform = ({tile, children}) => <Step title="Enter the credentials in the Living Security Platform">
    <p>
      Completed by whoever holds Living Security access — the program owner, or the system
      admin if they've been invited (delegated setup).
    </p>
    <ol>
      <li>
        Go to <strong>Settings → Integrations → Catalog</strong>, find the{' '}
        <strong>{tile}</strong> tile, click <strong>Connect</strong>.
      </li>
      <li>
        Fill in the fields below, then click <strong>Connect</strong>.
      </li>
    </ol>
    {children}
  </Step>;

export const SystemAdminBanner = ({system, recommendDelegated}) => <Note>
    <p>
      <strong>This guide is for your {system} administrator.</strong> It covers creating API
      credentials inside {system}, which requires admin access to {system} — not to the
      Living Security Platform.
    </p>
    <p>
      If you're the Living Security <strong>program owner</strong> and don't administer {system},
      send this page to whoever does. They complete Part A and hand the credentials back to you
      (or enter them directly if you've invited them into the platform).
      {recommendDelegated && <>
          {' '}Because setup produces sensitive key material, we recommend the{' '}
          <strong>delegated setup</strong> path so the secret is never sent back to you.
        </>}
    </p>
  </Note>;

<SystemAdminBanner system="Netskope" />

## What Living Security needs

| Credential           | Description                                                                  |
| -------------------- | ---------------------------------------------------------------------------- |
| **API token**        | A REST API v2 token generated from the Netskope admin console                |
| **Tenant subdomain** | The subdomain of your Netskope tenant (e.g., `acme` from `acme.goskope.com`) |

**Endpoint access required:**

| Endpoint                    | Purpose                                                          |
| --------------------------- | ---------------------------------------------------------------- |
| `/api/v2/events/data/alert` | Security alerts — anomalies, DLP, malware, policy violations     |
| `/api/v2/events/data/page`  | Web activity — browsing, allowed/blocked sites, cloud-app access |

**Required role:** **Tenant Admin** or equivalent with access to **Settings → Tools**

### Prerequisites

* You must have **Tenant Admin** access in Netskope to manage REST API tokens.

***

## Part A — In Netskope

*Your Netskope administrator completes these steps.*

<Steps>
  <Step title="Navigate to REST API v2 Token Management">
    1. Sign in to your Netskope admin console at `https://<tenant>.goskope.com`.
    2. In the left navigation, click **Settings**, then select **Tools**.
    3. Under **Tools**, click **REST API v2**.
  </Step>

  <Step title="Create a new token">
    1. Click **New Token**.
    2. Enter a descriptive name (e.g., `Living Security Platform`).
    3. Set a token expiration period that matches your rotation policy. Set a calendar reminder to rotate before expiration.

    <Note>
      For least privilege, use the shortest practical expiration period. Token expiry is the primary protection against long-lived credential exposure.
    </Note>
  </Step>

  <Step title="Grant endpoint access">
    Select access to both required endpoints:

    | Endpoint                    | Access |
    | --------------------------- | ------ |
    | `/api/v2/events/data/alert` | ✓      |
    | `/api/v2/events/data/page`  | ✓      |

    Click **Save**.

    <Warning>
      Token endpoint access cannot be changed after creation. If you miss an endpoint, you must generate a new token with full access and revoke the old one.
    </Warning>
  </Step>

  <Step title="Copy and save your token">
    **Copy the token immediately** and store it securely.

    <Warning>
      Netskope displays the token value **only once** at creation. If you navigate away without copying it, you must generate a new token.
    </Warning>
  </Step>

  <Step title="Identify your tenant subdomain">
    Your tenant subdomain is the prefix of your Netskope admin console URL.

    If your console URL is `https://acme.goskope.com`, your subdomain is `acme`.

    Enter the subdomain only — no `https://`, no `.goskope.com`, no trailing slash.
  </Step>
</Steps>

***

## Part B — In the Living Security Platform

*The program owner completes this step, or the system admin if using delegated setup.*

<Steps>
  <ConnectInPlatform tile="Netskope">
    | Field                | Value                                            |
    | -------------------- | ------------------------------------------------ |
    | **API key**          | The token from Part A, Step 4                    |
    | **Tenant subdomain** | The subdomain from Part A, Step 5 (e.g., `acme`) |

    <img src="https://mintcdn.com/livingsecurity/oVkrOMkYmNevekTI/integrations/images/netskope/connect-dialog.png?fit=max&auto=format&n=oVkrOMkYmNevekTI&q=85&s=7e410638f33267aaddebb3f9944e5dc4" alt="Living Security connect dialog for Netskope" style={{maxWidth: "450px"}} width="576" height="590" data-path="integrations/images/netskope/connect-dialog.png" />
  </ConnectInPlatform>
</Steps>

You are now connected to Netskope.

***

## Troubleshooting

<AccordionGroup>
  <Accordion title="401 Unauthorized">
    The token is invalid or expired, or you're using a **v1 token**. Check:

    1. Token has not been revoked or expired
    2. Token is a **REST API v2** token (v1 tokens use a different auth mechanism and won't work)
  </Accordion>

  <Accordion title="403 Forbidden">
    The token is missing access to one or both required endpoints. Token endpoint permissions cannot be changed after creation — generate a new token with access to both `/api/v2/events/data/alert` and `/api/v2/events/data/page`.
  </Accordion>

  <Accordion title="Using a v1 token">
    Living Security requires a **REST API v2** token that authenticates via the `Netskope-Api-Token` header. V1 tokens use query parameter authentication and will return `401 Unauthorized`. Generate a new v2 token from **Settings → Tools → REST API v2**.
  </Accordion>

  <Accordion title="Wrong tenant subdomain">
    Verify you entered only the subdomain (e.g., `acme`), not the full URL. The subdomain should match your Netskope admin console URL exactly.
  </Accordion>
</AccordionGroup>
