From 677bd8a02ae77294967aab650f0adb03ab6cfed0 Mon Sep 17 00:00:00 2001 From: sra Date: Tue, 17 Dec 2024 10:06:51 +0530 Subject: [PATCH] DOCS-7072 staging the changes made --- docusaurus.config.ts | 14 +---- products/sase/api/sspm/api-workflow.md | 73 ++++++++++++++++++++-- products/sase/api/sspm/intro.md | 37 ++++++++++- products/sase/docs/sspm/getting-started.md | 10 --- products/sase/sidebars.ts | 2 +- 5 files changed, 105 insertions(+), 31 deletions(-) delete mode 100644 products/sase/docs/sspm/getting-started.md diff --git a/docusaurus.config.ts b/docusaurus.config.ts index b712e34d1..fdca98646 100644 --- a/docusaurus.config.ts +++ b/docusaurus.config.ts @@ -538,18 +538,6 @@ const config = { }, ], }, - { - label: "SaaS Security Posture Management", - to: "#", - logoClass: "prisma", - apiDocs: [ - { - to: "access/api/sspm/getting-started", - label: "SaaS Security Management", - icon: "api-doc", - }, - ], - }, { label: "Prisma Access Insights", to: "#", @@ -915,7 +903,7 @@ const config = { outputDir: "products/sase/api/mt-interconnect", sidebarOptions: { groupPathsBy: "tag" }, }, - securityposture: { + sasesspm: { specPath: "openapi-specs/sase/sspm", outputDir: "products/sase/api/sspm", sidebarOptions: { groupPathsBy: "tag" }, diff --git a/products/sase/api/sspm/api-workflow.md b/products/sase/api/sspm/api-workflow.md index 257512e0c..241020f06 100644 --- a/products/sase/api/sspm/api-workflow.md +++ b/products/sase/api/sspm/api-workflow.md @@ -1,10 +1,75 @@ --- id: api-workflow -title: Multitenant Notifications APIs -sidebar_label: Multitenant Notifications APIs -slug: /sase/api/sspm +title: SaaS Security Posture Management APIs +sidebar_label: ecurity Posture Management APIs keywords: - SASE - Reference - API ---- \ No newline at end of file +--- + +# API Workflow for SaaS Security Posture Management (SSPM) + +Use this guide to interact with SSPM APIs to manage onboarded SaaS applications, retrieve configuration details, and handle integrations efficiently. + +--- + +## Workflow Steps + +### 1. Retrieve the List of Onboarded Apps +Use the `/sspm/api/v1/apps` API to fetch all onboarded SaaS applications. Each application includes an `app_id`, which you will use in subsequent API calls. For more information on how to onboard SaaS applications, read the [SaaS Onboarding guide](https://docs.paloaltonetworks.com/saas-security/saas-security-admin/saas-security-sspm/onboard-saas-apps-supported-by-sspm/onboarding-overview-for-supported-saas-apps). + +--- + +### 2. Fetch Details for an Onboarded App +Use the `app_id` from the previous step to access detailed information about a specific onboarded app: +- Use `/sspm/api/v1/apps/{app_id}` to fetch the application's basic details. +- Use `/sspm/api/v1/apps/{app_id}/configs` to retrieve the app's configuration details. +- Use `/sspm/api/v1/apps/{app_id}/settings` to access specific app settings. + +--- + +### 3. Retrieve the Catalog of Supported SSPM Apps +Call the `/sspm/api/v1/catalog/apps` API to get a catalog of all supported SSPM apps. Each catalog entry includes an app name, which you will use in subsequent API calls. + +--- + +### 4. Fetch details for a Catalog App +Use the app name from the catalog to retrieve additional details about a specific app: +- Use `/sspm/api/v1/catalog/apps/{app}` to get general information about the app. +- Use `/sspm/api/v1/catalog/apps/{app}/configs` to fetch configuration details. +- Use `/sspm/api/v1/catalog/apps/{app}/scopes` to access scope information for the app. +- Use `/sspm/api/v1/auth/{app}/info` to retrieve authentication details. + +--- + +### 5. Retrieve Common Control Details +Find the `common_control` or `common_control_id` values in the responses of the following APIs: +- `/sspm/api/v1/apps/{app_id}/configs` +- `/sspm/api/v1/catalog/apps/{app}/configs` + +Use the `/sspm/api/v1/catalog/controls/{common_control_id}` API to retrieve detailed information about the common control. + +--- + +### 6. Retrieve Integration Projects +Call `/sspm/api/v1/integration/integrations/{integration_id}/{integrationType}/projects` to get a list of integration projects for a specific `integration_id`. The response includes project keys for further actions. + +--- + +### 7. Fetch Details for a Specific Project +Use `/sspm/api/v1/integration/integrations/{integration_id}/{integrationType}/project/{key}` to retrieve detailed information about a project. The response includes issue keys that you can use in the next step. + +--- + +### 8. Fetch Details for a Specific Issue +Call `/sspm/api/v1/integration/integrations/{integration_id}/{integrationType}/issue/{key}` to retrieve detailed information about a specific issue using the issue key. + +--- + +## Summary +This workflow provides a structured way to: +- Retrieve onboarded and cataloged apps. +- Access detailed app configurations and settings. +- Manage common controls for enhanced security. +- Handle integration projects and resolve issues. \ No newline at end of file diff --git a/products/sase/api/sspm/intro.md b/products/sase/api/sspm/intro.md index aba397edc..1d783264d 100644 --- a/products/sase/api/sspm/intro.md +++ b/products/sase/api/sspm/intro.md @@ -1,9 +1,40 @@ --- id: intro -title: Multitenant Notifications APIs -sidebar_label: Multitenant Notifications APIs +title: SaaS Security Posture Management APIs +sidebar_label: Security Posture Management APIs +slug: /sase/api/sspm keywords: - SASE - Reference - API ---- \ No newline at end of file +--- + +## Introduction to Prisma Access SaaS Security Posture Management APIs + +### What is SaaS Security Posture Management? +SaaS Security Posture Management (SSPM) APIs provide tools for continuous monitoring, detection of misconfigured SaaS application settings. + +### Why Use SSPM APIs? +Integrate SSPM APIs to: +- Monitor and manage security configurations. +- Ensure compliance with security best practices. + +### Key Features +- Misconfiguration detection and prioritization. +- Automated and manual remediation workflows. +- Integration support for multiple SaaS applications. + +### How SSPM Works +1. **Discover SaaS Applications**: Onboard and monitor SaaS apps. +2. **Analyze Configurations**: Fetch assessments and detect misconfigurations. +3. **Remediate Issues**: Resolve misconfigurations programmatically. +4. **Monitor Continuously**: Keep apps secure through automated monitoring. + +### Prerequisites +- Access to SSPM. +- API token for authentication. + +For more information about SSPM, see +[SaaS Security Posture Management](https://docs.paloaltonetworks.com/saas-security/saas-security-admin/saas-security-sspm/get-started-with-sspm/whats-sspm) + +These APIs use the [common SASE authentication](/sase/docs/getstarted) for service access and authorization. diff --git a/products/sase/docs/sspm/getting-started.md b/products/sase/docs/sspm/getting-started.md deleted file mode 100644 index 8fcb39f29..000000000 --- a/products/sase/docs/sspm/getting-started.md +++ /dev/null @@ -1,10 +0,0 @@ ---- -id: getting-started -title: Aggregate Monitoring APIs -description: Aggregate Monitoring APIs -hide_title: true -slug: /sase/docs/sspm -hide_table_of_contents: false -keywords: - - sase ---- \ No newline at end of file diff --git a/products/sase/sidebars.ts b/products/sase/sidebars.ts index b5bca9786..d03aa2f01 100644 --- a/products/sase/sidebars.ts +++ b/products/sase/sidebars.ts @@ -306,7 +306,7 @@ module.exports = { securityposture: [ "sase/api/sspm/intro", "sase/api/sspm/api-workflow", - require("./api/mt-interconnect/sidebar"), + require("./api/sspm/sidebar"), ], sasesubscription: [ "sase/api/subscription/subscription-api",