Skip to main content

Cloud-delivered Incident ResponderIncident Responder Documentation

Configure the SentinelOneV2 Service

Configure SentineOneV2 as a service to manage two-factor authentication, get information about entities and artifacts, mark threats as resolved, and run other SentinelOneV2 actions.

  • Generate a SentinelOneV2 API token, then save it. For more information, contact SentinelOne Customer Support.

  • If you use a proxy, ensure that you whitelist the domain for your SentinelOneV2 API endpoint; for example https://yourcompany.sentinelone.net/

  1. In the sidebar, click SETTINGSA grey gear icon, then select Core.

  2. Under SERVICE INTEGRATIONS, select Services.

  3. Select a service:

    • To configure a specific service, hover over a service, then click CONFIGURE. Use the search by vendor or filter by action to find a service.

    • To manually provide the relevant information for a service, click Configure a new serviceA dark blue plus sign..

    • To view all actions for a service, hover over a service, then click the information icon An icon of a grey i inside a grey circle..

  4. Enter information about the service:

    • Service Name – Enter a unique name for the service. By default, the service name is SentinelOneV2.

    • (Optional) Description – Describe the service.

    • (Optional) Owner – Enter the email address of the person or group responsible for the service. 

    • Host – Enter the domain of your SentinelOneV2 API endpoint; for example, https://yourcompany.sentinelone.net/

    • API Token – Enter the API token you previously generated.

  5. To validate the source, select TEST CONNECTIVITY.

  6. Select CREATE SERVICE.