Creating and Managing API Client in Sophos console

1. Introduction

A valid ClientId, Client Secret and tenant URL is required in order to access Sopho's API

2. Prerequisites

Access to the Sophos Central Dashboard
Super Admin privileges

3. Generate API Token

Step 1: Access the Sophos Central Dashboard

Step 2: Click on the Settings icon in the top right corner

Step 3: Click API Credentials Management

Step 4: Click on the Add Credentials button

Give the credential a name, description and select the desired access: Service Principal Super Admin https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/GlobalSettings/APICredentials/index.html
Save the ClientId & Client Secret

4. Configure the Integration

URL This is the Base URL for where both authentication and queries will be performed. Please determine the correct URL by performing a WhoAmI query using a Curl call:

curl --location 'https://id.sophos.com/api/v2/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=<client_id>' \
--data-urlencode 'client_secret=<client_secret>' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=token'

This curl call will return the right dataRegion URL. That value is the value we need to configure for URL here.

ClientId This is the Client Id gathered in step

ClientSecret This is the Client Secret gathered in step 5