Configure Citrix ShareFile for the Next Generation API Data Protection

Configure Citrix ShareFile for the Next Generation API Data Protection

To configure Citrix ShareFile for the Next Generation API Data Protection, follow the instructions below.

Prerequisite

Before configuring Citrix ShareFile for the Next Generation API Data Protection, review the prerequisite.

  • The Citrix ShareFile Account Owner user is required in order to grant access to Netskope.

    For more information on how to identify the account owner of a Citrix ShareFile account, follow the instruction in this Citrix article.
  • Set the refresh token to ‘never’ expire. To do so:

    Log in to your Citrix ShareFile account as an account owner.On the left panel, navigate to Settings > Admin settings.Then, navigate to Security > Login & Security Policy.Scroll down to the Authentication section and set the Re-authenticate after value to Never.Click Save.

    Sharefile Token Expiry
  • The account owner must be part of the super user group in Citrix ShareFile. To verify:

    1. Log in to the Citrix ShareFile account as an account owner.

    2. On the left panel, navigate to Settings > Admin Settings > Security > Edit Super User Group.

      Ensure that the account owner is part of the super user group.

  • If you have guest or external users in your SaaS environment belonging to domains considered internal, you must set the appropriate internal domains for Netskope to classify exposure accurately. To set up internal domains, follow this article.

Configure Netskope to Access your Citrix ShareFile Account

To authorize Netskope to access your Citrix ShareFile account, follow the steps below:

  1. Log in to the Netskope tenant UI and go to Settings > Configure App Access > Next Gen > CASB API.

  2. Under Apps, select ShareFile and click Setup CASB API Instance.

    The Setup Instance window opens.

  3. Under Administrator Email, enter the email address of the user who will receive an email notification when a policy violation or event triggers. This step is optional.

  4. Under Instance Name, enter a name of the SaaS app instance. This step is optional and if left blank, Netskope will determine the name of the app instance post grant.

  5. Click Grant Access.

    The ShareFile Login window opens.

  6. Enter the subdomain of your ShareFile account. Click Continue.

    Citrix Sharefile Subdomain Window

    You will be redirected to a page where ShareFile will inform you that Netskope has requested access to your ShareFile account.

  7. Enter the email address and password of the Citrix ShareFile account owner. Click Sign in.

    Citrix ShareFile Email And Password Window
  8. After logging in, you will be redirected to the successful result page. Click Close.

Refresh your browser, and you should see a green check icon next to the instance name.

Next, you can can view the Next Generation API Data Protection Inventory page to get deep insights on various entities on your Citrix ShareFile account. For more information on the Inventory page, see Next Generation API Data Protection Inventory.

You can receive audit events and standard user behavior analytic alerts in Skope IT. To know more: Next Generation API Data Protection Skope IT Events.

Next, you should configure a Next Generation API Data Protection policy. To do so, see Next Generation API Data Protection Policy Wizard.

Share this Doc

Configure Citrix ShareFile for the Next Generation API Data Protection

Or copy link

In this topic ...