Service Account | Trend Micro Service Central

Views:

Cloud App Security protects the following services:

Office 365 services, including Exchange Online, SharePoint Online, OneDrive, and Microsoft Teams
Google Workspace, including Google Drive and Gmail
Cloud storage applications, including Box and Dropbox

Cloud App Security requires service accounts to integrate with those applications and services that it protects. The service accounts can be categorized as:

Delegate accounts to integrate with Exchange Online, SharePoint Online, and OneDrive
Authorized accounts to integrate with Exchange Online, SharePoint Online, OneDrive, Microsoft Teams (Teams and Chat), Box, Dropbox, Google Drive, and Gmail

In Cloud App Security, go to Administration → Service Account, click Add, hover over the organization for which you need to grant access to services, and select a service from the list that appears on the right side.

Note

If you have granted Cloud App Security access to a service in the organization, Cloud App Security grays it out on the list to prevent it from being selected again.

For the Exchange Online, Exchange Online (Inline Mode), SharePoint Online, OneDrive, Gmail, Gmail (Inline Mode), Box, Microsoft Teams, Teams Chat, or Microsoft Information Protection service account that is added using an access token, if for some reason the access token becomes invalid or you want to refresh the existing token, re-create an access token to continue using the service account.

After you have granted Cloud App Security access to Office 365 services for an organization, you can view the name of the Microsoft tenant associated with the organization.

Note

If you have Trend Vision One, when you add a tenant in Trend Vision One → Third Party Integration → Microsoft Entra ID, Cloud App Security automatically associates the tenant with an organization with no service to which Cloud App Security has been granted access. If there is no such organization, Cloud App Security creates an organization and associates it with the tenant.

The following procedure takes Exchange Online as an example, and the procedure for re-creating an access token for other services is similar.

Note

For Box, provide the Box administrator account used during access grant to ensure access to the previous service data by Cloud App Security.
For Gmail and Gmail (Inline Mode), provide an administrator account in the same domain as the one used during access grant to ensure successful re-creation of the access token.

Click Recreate Access Token under Status of the Exchange Online service account.

The Recreate Access Token for Exchange Online Service Account screen appears.
Click Click here at the end of Step 1, specify your Office 365 Global Administrator credentials to sign in if prompted, and then click Accept on the screen that appears.
Go back to the management console as instructed and click Done.

A green checkmark icon appears under Status of the Exchange Online service account, indicating that the access token and the service account are valid.