Skip to main content

CollectorsCloud Collectors Administration Guide

Table of Contents

Prerequisites to Configure the Abnormal Security Cloud Collector

Before you configure the Abnormal Security Cloud Collector you must complete the following prerequisites:

Obtain the API Authentication Token and Complete IP Allowlisting

The API helps to manage threats to an organization identified by Abnormal Security. Integrate your REST API with Abnormal Security to enable real-time detection of malicious emails.

Use the following steps to obtain the API Authentication Token for REST API integration.

  1. Access the Abnormal Security portal.

  2. Navigate to Settings > Integrations > Additional Integrations > Abnormal REST API > Connect.

  3. The Integration page displays a unique API access token required for your API calls. Record the access token to use it while configuring the cloud collector.

    For more information about each Abnormal REST API endpoint, refer to the Abnormal API documentation in SwaggerHub. For assistance, you can contact Abnormal Security Support at [email protected].

  4. On the Integration page, after recording the access token, in the IP Safelist field, enter a specific IPv4 / IPv6 address or enter a range of addresses. See Complete the IP Allowlisting.

Complete the IP Allowlisting

IP allowlisting enables API access for only the IP addresses that belong to your organization and prevents access for users from unauthorized networks. Additionally IP allowlisting helps to keep your data and API token safe from unauthorized users. Hence you must add organization’s IPs to the IP allowlist on the Integration page.