Skip to main content
Sign in

Creating an extended integration for InfoSec IQ users

  • November 13, 2024 14:07
  • Updated

Let Oomnitza be your single source of truth!

You'll get visibility of your InfoSec IQ users as data from InfoSec IQ is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and InfoSec IQ in minutes

Get the information and insights that you need to reduce costs and the time that you spend on administration tasks such as:

  • Configurable dashboards and list views of key user information
  • Configurable reports to share information about users with your colleagues and management
  • Configurable workflows for: 
    • Getting and deleting a user from InfoSec IQ
    • Creating and updating InfoSec IQ users

Navigation

small_blue_link.svgSetting the InfoSec IQ subdomain as a global variable

small_blue_link.svgAdding the credentials

small_blue_link.svgCreating the user integration

small_blue_link.svgCreating custom mappings

small_blue_link.svg Creating workflows

Creating user workflows with the API block

Create User 

Get User

Update User

Delete user 

Before you start

Best practice
For the integration with Oomnitza, create a dedicated user account.

InfoSec IQ uses API key authentication and requires an API key to be added in Oomnitza. To obtain your API key first have your account manager enable this functionality for your account. Once API functionality is enabled you will be able to access your API token through your account settings page.

For further information refer to the InfoSec IQ API Documentation.

Setting the InfoSec IQ subdomain as a global variable

To save time entering information when you create the integration and the workflow, you can add the InfoSec IQ subdomain as a global variable in Oomnitza.

  1. From the menu, go to Configuration>General.
  2. Click Global Settings.
  3. Click Add new variable (+). 
  4. Enter InfoSec.Subdomain as the variable name.
  5. Enter your InfoSec IQ subdomain. If your InfoSec IQ URL is https://mycompany.infosecinstituteyour subdomain would be: mycompany.
  6. Save your changes.

Adding the credentials

To stream InfoSec IQ user data into Oomnitza, complete the following steps:

  1. In Oomnitza, click Configuration > Security > Credentials.
  2. Click Add new credential (+).
  3. Search for the integration, and then click the forward button > to select the integration.
  4. Add your API key.
  5. Click Create.

Integration not in the list? Click Advanced Mode and complete these steps:

  1. On the INFORMATION tab, complete these actions:
    1. Add the name of the credential.
    2. Add the name of the owner. 
  2. Ensure that API Key is selected as the Authorization type.
  3. Ensure that the Token Name is Authorization 
  4. Enter Bearer followed by the API Key. For example,Bearer aefgd-adw3n-jknadd78l1kjndc.
  5. Ensure that Add to Header is selected.
  6. Save your changes.

Next

You use the credentials that you added to create and customize your InfoSec IQ integrations with Oomnitza.

Creating the user integration

Info and connect details

  1. In Oomnitza, click Configuration > Integrations > Overview.
  2. Click Block view block_view.PNG.
  3. On the Integrations page, scroll down to the Extended section for user integrations.
  4. Click NEW INTEGRATION.
  5. In the sidebar, search for the integration.
  6. Click ADD.

Integration details overview

More information is provided about the following fields to help you complete the integration:

  • User only. Add user records.
  • User plus SaaS user. Add user and SaaS user records. 

The benefit of adding SaaS user records is that you can run a workflow to validate the status and activity of SaaS users and retrieve information such as the role of the SaaS user. The information that can be retrieved depends on whether SaaS user workflows are available for the integration. 

Installation types

  • Cloud. Store credentials in the Oomnitza cloud.
  • Local. Store credentials locally. If you want to sync Oomnitza with vendor applications that require AWS or OAUTH authentication, select cloud as the type of installation. Local installations don't support AWS and OAuth authentication. 

Integration preferences

  • Create & Update. Add and update records.
  • Create only. Add records.
  • Update only. Update records.

Editing the integration details

  1. Click Edit edit_black_pencil_icon.svg.
  2. Make your changes.

Editing the credential details

If you selected Cloud as the installation type, choose one of the following options:

  • Select the credentials that were created for the integration.
  • Edit the credentials that were created for the integration.
  • Create new credentials

Scheduling the integration

By default, data is synced once every day. Change the interval or the time so that the data is streamed when your system isn't busy.

  1. Click Edit edit_black_pencil_icon.svg.
  2. Make and save your changes.

Mapping fields to Oomnitza

To map the fields to Oomnitza, click Edit edit_black_pencil_icon.svg.

 cog_red_dot_small_icon.svg Selecting Edit integration to add rules for syncing data. small_blue_link.svg Filtering integration results.  
 

You can add new fields to your integration by selecting Add new field  add_grey_rectangel_icon.svg on the mapping page. 
small_blue_link.svg Creating custom API fields. 

Creating custom mappings

Map the InfoSec IQ fields to Oomnitza fields and create custom mappings to get the user information that you need.

Complete these actions:

  1. Click Smart Mapping to automatically detect appropriate mapping fields. Values from the integration can also be dragged to the appropriate field on the Oomnitza side, or selected from the integration field dropdown.
  2. Create a custom mapping to map the Infosec User Id to Oomnitza. 
    1. Click the down arrow on the Id field.
    2. Select Add new Oomnitza users field.
    3. Change the name of the field to Infosec User Id.
    4. Select the Unique checkbox.
    5. Click CREATE
  3. Ensure that the Email is mapped to the
    1. Username field on the Oomnitza side (required for integration).
    2. Email field on the Oomnitza side (required for integration).
  4. Select the Role field on the Oomnitza mapping side.
  5. Choose a suitable role from the list (a defined role is necessary for the integration)
  6. Assign a sync key to a unique field, such as the Email.
  7. Click UPDATE.

Standard InfoSec IQ to Oomnitza mappings

The following InfoSec IQ fields can be mapped to Oomnitza:

Connector Sync Time
Email
First Name
Id
Last Name
Modified

Launching the integration

Your integration is in Draft mode until the required mandatory fields are added. When added, click Launch to activate your integration. 

small_blue_link.svg If you selected Cloud as the installation type when creating the integration, see Running an extended integration

small_blue_link.svg If you selected Local as the installation type when creating the integration, see Running an extended integration locally.

Viewing data ingested by Oomnitza

Viewing ingested asset data

For asset integrations, click Hardware. If the asset integration also ingests software data, click Software.

Viewing ingested user data

For user integrations, click People. If you chose the option to ingest User and SaaS user data, click Software > SaaS, click the SaaS app, and then click the Users tab. 

Related Links

Creating workflows

Creating user workflows with the API block

To reduce your workload and automate complex and repetitive tasks, you can create user workflows with the API block by following the steps in Using the API block.

Select your preset of choice and for every preset enter the following information in the Configure section:

  1. Your correct InfoSec IQ Credentials that you created in Adding the credentials.
  2. Your Subdomain should be derived from the variable created in Setting the InfoSec IQ subdomain as a global variable or entered manually. 

The API block comes with the following InfoSec IQ presets:

Create User 

Get User

Update User

Delete user 

Using the InfoSec IQ Create User preset

The InfoSec IQ Create User preset creates a new user. When constructing a workflow that uses this preset, the following information is mandatory

    • New Email
    • New First Name
    • New Last Name
    • New Title
    • New Manager Name
    • New Manager Email

Tip
You can enter the user information manually, or map it from existing Oomnitza fields. If you are mapping the user information from an existing field you need to place the field name between curly braces, for example {{email}}.

Next, use the Advanced Mode to configure the message payload. To do this, complete the following steps:

  1. In the API block window, click the Advanced Mode button located in the upper right of the window.
  2. In the Body tab, you can modify, update or add fields that will be used in the request payload. For example, you may want to add the address or phone number of the new user. For information on the fields that are permitted in the request payload, refer to the InfoSec IQ API documentation: Create a new learner.
  3. In the Response tab, you can map the entire response by placing {{response}} in the Response field and mapping it to a custom long text Oomnitza field. Once you have the entire response, you can then map individual JSON values to custom fields. For further information, refer to the Mapping positive and negative responses.

Using the InfoSec IQ Get User Details preset

The InfoSec IQ Get User preset shows the details of a user, by ID. When working with this preset, use the Advanced Mode to configure the message payload. 

  1. Click the Advanced Mode button located in the upper right of the window.
  2. Select the Information tab. The InfoSec IQ user id is assumed to be stored in the variable{{infosec_user_id}} that you created in Creating custom mappings. If this is not correct, you can replace the variable {{infosec_user_id}}in the URL field with the correct variable or user id. 
  3. In the Response tab, you can map the entire response by placing {{response}} in the Response field and mapping it to a custom long text Oomnitza field. Once you have the entire response, you can then map individual JSON values to custom fields. For further information, refer to the Mapping positive and negative responses.
  4. info_sec_get_user.PNG

For further information, and for an overview of the values returned in the Get User Details response, refer to the InfoSec IQ API documentation: Retrieve a learner

Using the InfoSec IQ Update User preset

The InfoSec IQ Update User preset updates the details of a person, by ID. When you select this preset, you will be assed to supply the updated user information. You can also supply additional user details in the Body tab in Advanced Mode.

Tip
A common approach to using this preset is to first use the Get User Details preset to get the person's details, make changes, and then send the changed values in the Update User preset.

When working with this preset, use the Advanced Mode to configure the message payload. 

  1. Click the Advanced Mode button located in the upper right of the window.
  2. Select the Information tab. The InfoSec IQ user id is assumed to be stored in the variable{{infosec_user_id}}.
  3. In the Body tab, you can modify, update or add fields that will be used in the request payload. For example, you may want to add the address or phone number of the new user. For information on the fields that are permitted in the request payload, refer to the InfoSec IQ API documentation: Edit an existing learner.
  4. In the Response tab, you can map the entire response by placing {{response}} in the Response field and mapping it to a custom long text Oomnitza field. Once you have the entire response, you can then map individual JSON values to custom fields. For further information, refer to the Mapping positive and negative responses.

For further information on the request payload refer to the InfoSec IQ API documentation: Edit an existing learner.

Using the InfoSec IQ Delete User preset

The InfoSec IQ Delete User preset removes a person from the system.

Tip
You can use this preset in conjunction with the InfoSec IQ Get User Details preset. Use the InfoSec IQ delete user preset to delete the accounts that were found inactive after running the InfoSec IQ Get User Details preset.

When working with this preset, use the Advanced Mode to configure the message payload. 

  1. Click the Advanced Mode button located in the upper right of the window.
  2. Select the Information tab. The InfoSec IQ user id is assumed to be stored in the variable{{infosec_user_id}} that you created in Creating custom mappings. If this is not correct, you can replace the variable {{infosec_user_id}}in the URL field with the correct variable or user id. 
  3. In the Response tab, you can map the entire response by placing {{response}} in the Response field and mapping it to a custom long text Oomnitza field. Once you have the entire response, you can then map individual JSON values to custom fields. For further information, refer to the Mapping positive and negative responses.

For further information, refer to the InfoSec IQ API documentation: Delete a learner.

articles_icon.svg Reference articles for workflows

Unleash the power of Oomnitza

To get valuable actionable insights that help you manage your users, learn how to:

      • Configure dashboards for your users and software
      • Configure custom reports about your users and software
      • Create workflows to automate tasks

See small_blue_link.svg Getting started for more information.

Related articles

Comments

0 comments

Please sign in to leave a comment.