How to integrate Sophos account?
Overview
To authenticate with Sophos Central and access their REST APIs, you will need the following information:
- API Client ID
- API Client Secret
Step 1: Login to Sophos Central
- Sign in to your Sophos Central Admin console at
https://central.sophos.com - Ensure you have Super Admin or Admin role with API access permissions
Step 2: Navigate to API Credentials Management
- In Sophos Central, go to Global Settings (gear icon in top-right)
- Select API Credentials Management
- You'll see a list of existing API credentials (if any)
Step 3: Create API Credentials
-
Click Add Credential
-
Fill in the following details:
Credential Configuration:
- Credential Name: Enter a descriptive name (e.g., "Unizo Integration")
- Description: Add details about the integration purpose (optional)
- Role: Select the appropriate role
-
Select API Role:
Available Roles:
- Service Principal Super Admin: Full administrative access
- Service Principal Admin: Standard administrative access
- Service Principal Read Only: Read-only access to all data
- Service Principal Forensic: Access to forensic data
Recommended for EDR/XDR Integration:
- Full integration: Service Principal Admin
- Monitoring only: Service Principal Read Only
-
Click Add
Step 4: Copy API Credentials
After creation, Sophos will display:
- Client ID: A unique identifier for your API client
- Client Secret: The secret key for authentication
Important:
- Copy both values immediately - the Client Secret is shown only once
- Store them securely in a secrets manager
- If the secret is lost, you must regenerate new credentials