Skip to main content

Incident ResponderIncident Responder Documentation

Configure the SentinelOne Service

Configure SentinelOne as a service to manage two-factor authentication, get information about entities and artifacts, and run other SentinelOne actions.

  • Generate a SentinelOne API token, then save it. For more information, contact SentinelOne Customer Support.

  • If you use a proxy, ensure that you whitelist the domain for your SentinelOne API endpoint; for example https://yourcompany.sentinelone.net/

  1. In the navigation bar, click the menu The menu icon in the navigation bar; three white lines on a green background., select Settings, then select Core.

  2. Under SERVICE INTEGRATIONS, select Services.

  3. Select a service:

    • To configure a specific service, hover over a service, then click CONFIGURE. Use the search by vendor or filter by action to find a service.

    • To manually provide the relevant information for a service, click Configure a new serviceA blue circle with a white plus sign..

    • To view all actions for a service, hover over a service, then click the information icon An icon of a grey i inside a grey circle..

  4. Enter information about the service:

    • Service Name – Enter a unique name for the service. By default, the service name is SentinelOne.

    • (Optional) Description – Describe the service.

    • (Optional) Owner – Enter the email address of the person or group responsible for the service. 

    • Host – Enter the domain of your SentinelOne API endpoint; for example https://yourcompany.sentinelone.net/

    • API Token – Enter the API token you previously generated.

  5. To validate the source, select TEST CONNECTIVITY.

  6. Select CREATE SERVICE.