Appendix F - Creating a SentinelOne Service User

To create a service user with specific permissions in SentinelOne:

1. Log in to the SentinelOne web portal.

2. Click Settings.

   

3. Go to the Users tab and click Roles.

   

4. From the Actions list, select New Role.

   

   The New Role window appears.

5. In the Role Name field, enter a name for the role.

6. In the Description field, enter the description.

7. In the search field, search and select these permissions and click Save.

   Page	Permission
   Endpoints	Reconnect To Network
   Endpoints	Disconnect From Network
   Endpoint Threat	View
   Threat Intelligence	Manage
   Service Users	Create

   For example:

   

8. Click Save and verify that the roles are created.

9. Click Service Users.

   

10. From the Actions list, select Create New Service User.

    

11. Specify these:

    1. Name

    2. Description

    3. Expiration Date

    

12. Click Next.

    The Select Scope of Access window appears.

    

13. In the Access Level section, select Account.

14. Search and select your account.

15. From the Viewer list, select the new role that you just created.

16. Click Create User.

    The API Token window appears.

    

17. To copy the API Token, click Copy API Token.

    Notes: After this step, you cannot retrieve the token. This API Token is required to Configure the SentinelOne connector.

18. Click Close.