Prerequisite for accessing Centrify Platform events

The first task that you must perform before accessing Centrify Platform events is to configure the OAuth tenant. For detailed steps, see Setting up the SIEM User and the OAuth App on the Tenant.

After you complete the configuration, you will have created the following:

  • SIEM user

  • OAuth app

  • SIEM scope for accessing Redrock and query

Setting up the SIEM user and the OAuth app on the tenant

To set up the SIEM user and OAuth app

  1. In the Admin Portal, open the Apps tab and click Web Apps.

  2. Click Add Web Apps.

  3. Select the Custom tab and click Add for OAuth2 Client.

  4. When prompted to add the OAuth2 Client web app, click Yes.

  5. Navigate back to the Web Apps screen and click on OAuth2 Client to open the app.

  6. On the Settings tab, enter oauthsiem for the Application ID.

  7. On the General Usage tab, leave the defaults as shown.

  8. On the Tokens tab, under Auth methods, check Client Creds.

  9. On the Scope tab, under Scope definitions, click Add to add a new scope.

  10. On the Scope definitions dialog:

    1. In the Name field, enter siem.

    2. Under Allowed REST APIs, click Add, and enter Redrock/query.

    3. Click Save.

  11. Click Save to save the OAuth2 Client changes.

  12. From the main menu, open Access and select the Users tab.

  13. Click Add User to add a new user.

  14. On the Create Centrify Directory User page, fill out the following fields:

    1. For the Login Name, enter siemuser.

    2. For the Suffix, select centrify.com (or leave as is).

    3. For Email Address and Display name, enter the user's email address and full name.

    4. Scroll down to the other account fields:

    5. For the Password and Confirm Password, enter the password of your choice. The password must be between 4 to 64 characters long and contain at least one digit.

    6. Under Status, check Is OAuth confidential client. This selection should automatically checkPassword never expires.

    7. Click Create User to create the new user.

  15. From the main menu, select the Roles tab and click Add Rule.

  16. On the service account page:

    1. On the Description tab enter: service account for the Name field. This entry serves as the role name.

    2. On the Members tab, search for the siemuser that you created earlier and select its checkbox to add the new member.

    3. Click Add.

  17. On the Administrative Rights page, click Add to open the Add Rights list.

  18. Check Read Only System Administration and click Add.

  19. Check Read Only System Administration and click Save.

  20. Perform final checks to ensure:

    • On the Users tab, the siemuser is shown.

      Note:    You may need to check All Users to ensure you are shown the full list of users.

    • When you select siemuser and click on the Roles section, service accountis listed.

    • Select Web Apps > OAuth2 Client > Permissions . Ensure the permissions for theservice account role is shown.

    • Select the Tokens tab and ensure Client Creds is checked under Auth methods.