Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. Protected Systems will commonly have a SGNL SDK, Proxy, or some other logic embedded in or near to them that will make an access request to SGNL.
Protected Systems need not know about the policies, data sources, or any of the data in SGNL - they simply need to know and pass to SGNL:
Log-In to your SGNL Client with an Admin Account
From the left navigation pane, select Protected Systems and Add an Integration, or simply click Add from the SGNL Dashboard
Give your integration a descriptive display name and description
Specify the Default Policy to be applied to your integration
Next, you’ll need to configure which identifier the Integration will use to describe a principal
You’ll also need to configure the types of Assets that exist in the system, that will be sent from the integration
Once configured, click Continue to save your Integration and move on to other configuration steps
Once the Integration is created, you can start assigning versions of Policies to the integration - to get started, select Policies from the tabs in your newly created integration
Select ‘Assign Policies’
Select:
Click Next once you have the Policies and Versions configured as is appropriate
Select the Enforcement mode for the Policies you chose in the previous step
Simulated: Policy Versions that are being simulated will only log their access decision in the SGNL logs and will not impact the access decision that SGNL hands back to an integration. Simulated policies are useful for performing what-if analysis of new policy versions as well as debugging policy changes.
Note: It’s considered best practice to start with policies in Simulated mode, to verify that policies have been created an applied as expected
Enforced: Policy Versions that are being enforced will impact the access decisions that SGNL hands back to an integration. Enforced Policies will determine access for an integration
Select your desired Enforcement mode and select Assign
Versions of Policies will now be Assigned to your integration
Authentication ensures that only authorized integrations can make requests into SGNL, as well as verifying the identity of an integration in order to effectively evaluate Policies - to access Authentication settings, open your Integration and select the Authentication tab
Click Generate Token
Give your Token a descriptive name so that you know how it’s being used in the future and click to Generate Token
On the next screen, copy the token - this will be used in your integration to make access requests to SGNL using the SGNL Access Service API
Note: The value of this token is not available again after this screen, so ensure you securely store it