## Introduction HCL AppScan on Cloud is a Software as a Service version of the HCL AppScan product. This guide walks you through the steps to gather the necessary information and configure your HCL AppScan on Cloud organization for the purpose of creating an integration with Synqly's Application Security connector. ## Prerequisites Before you begin, ensure that you have: - Access to the HCL AppScan on Cloud web interface - Access to an Administrator or Manager account (Recommended) ## Required User Permissions | Operation | HCL User Permission | | --- | --- | | Query Applications | No additional permissions required | | Query Application Findings | No additional permissions required | | Query findings across all applications | No additional permissions required | | Get Application Finding Details | No additional permissions required | ## Creating an HCL AppScan on Cloud Service Account (Recommended) Before you begin, ensure that you have access to an HCL Software ID with either the Administrator or Manager roles, as well as access to the HCL AppScan on Cloud web interface. Please note that each set of HCL API credentials is unique to a specific user. With this in mind, and for the additional purpose of API rate limiting, it is highly recommended that a new service account be used to generate the new API credentials. If you choose not to create a new service account, skip to the section titled [*Generating API Credentials*](#generating-api-credentials). ### 1. Create a new User Role While this step is optional when creating a new service account, it is recommended. Using an HCL Software ID with either the Administrator or Manager role, log in to the HCL AppScan on Cloud web interface. Once logged in, navigate to the sidebar and select **Access Management > Roles**. Next, select the **Add new role** button in the upper right-hand corner and enter a role name and description. Finally, select all of the required permissions for this provider's supported Synqly Operations. Permissions required for this provider's supported Synqly Operations can be found above in the section titled [*Required User Permissions*](#required-user-permissions). For more information regarding the predefined user roles, see the [HCLSoftware Roles documentation](https://help.hcl-software.com/appscan/ASoC/appseccloud_user_roles_cm.html). ### 2. Invite Service Account Once logged in, navigate to the sidebar and select **Access Management > Users**. Next, select the **Invite Users** button in the upper right-hand corner and enter the email you wish to associate with the new service account. Next, select a role for this user, assign it to an asset group, and select **Send invitation**. An invitation email with a confirmation link will be sent to each of the invited email addresses. For information regarding asset groups, see the [HCLSoftware Asset Groups documentation](https://help.hcl-software.com/appscan/ASoC/appseccloud_asset_groups_cm.html). ## Generating API Credentials Before you begin, ensure that you have access to a valid HCL Software ID with the required permissions as listed under [*Required User Permissions*](#required-user-permissions), as well as access to the HCL AppScan on Cloud web interface. To begin generating a new set of HCL API credentials, log in to the HCL AppScan on Cloud web interface and take note of the URL. Once logged in, navigate to the sidebar and select **Tools > API**. Take note of the value under Key ID. Next, select the **Generate** button and take note of the new Key Secret. The URL, Key ID, and Key Secret values will each be used when creating a new Synqly HCL AppScan on Cloud integration. ## Configuring the Integration To configure a new HCL AppScan on Cloud integration in the Synqly system, provide each of the values as defined below: | Integration Parameter | Description | | --- | --- | | Client ID | This is the Key ID gathered when generating the API credentials | | Client Secret | This is the Key Secret value gathered when generating the API credentials | | Base URL | The URL used to access the HCL AppScan on Cloud web interface |