Service Account

Cloud App Security protects:

  • Office 365 services, including Exchange Online, SharePoint Online, OneDrive, and Microsoft Teams

  • Google Workspace, including Google Drive and Gmail

  • Cloud storage applications, including Box and Dropbox

  • CRM platform, which is Salesforce

Cloud App Security requires service accounts to integrate with those applications and services that it protects. The service accounts can be categorized as:

  • Delegate accounts to integrate with Exchange Online, SharePoint Online, and OneDrive

  • Authorized accounts to integrate with Exchange Online, SharePoint Online, OneDrive, Microsoft Teams (Teams and Chat), Box, Dropbox, Google Drive, Gmail, and Salesforce

Go to Administration > Service Account, click Add, hover over the organization for which you need to provision services, and select a service from the list that appears on the right side.

Note:

If a service has been provisioned in the organization, Cloud App Security grays it out on the list to prevent it from being selected again.

For the Exchange Online or Box service account that is provisioned using an access token, if for some reason the access token becomes invalid or you want to refresh the existing token, recreate an access token to continue using the service account.

The following procedure takes Exchange Online as an example, and the procedure for recreating an access token for Box is similar.

Note:

For Box, provide the Box administrator account used during provisioning to ensure access to the previous service data by Cloud App Security.

  1. Click Recreate Access Token under Status of the Exchange Online service account.

    The Recreate Access Token for Exchange Online Service Account screen appears.

  2. Click Click here at the end of Step 1, specify your Office 365 Global Administrator credentials to sign in if prompted, and then click Accept on the screen that appears.

  3. Go back to the management console as instructed, click Click here at the end of Step 2, and then click Accept on the screen that appears.

  4. Go back to the management console as instructed and click Done.

    A green checkmark icon appears under Status of the Exchange Online service account, indicating that the access token and the service account are valid.