We have our WebEx teams platform federated with AzureAD for logon. We are looking into connecting Microsoft MCAS for DLP. The guide here is quite vague in that it recommends a service account be used. It does not however give any indication as to where this account is defined (WebEx or AzureAD) and if it's needed as a once off to create the connection/integration or if it's needed on-going.
Anyone have experience with WebEx and MCAS that could shed some light on this?
You can use this link to connect Cisco Webex Teams to Microsoft Cloud App Security.
Note: Grant admin access for the service account to portal.cloudappsecurity.com without MFA
Thanks for the reply, but that doesn't really address my question as to where the account is defined. I don't think the account needs any access to the MCAS portal either.
Hi @michael_hysen. Thanks for the reply. We got it set up by creating an account in our Active Directory, syncing that account to both AzureAD and Webex, granting that account admin on Webex and then specifying this account during the MCAS setup. To date I don't see any sign-in events for this account in AzureAD, which makes me think that it's simply used as a one-off to generate a token for access or the like for MCAS. It's bugging me as we have an account in AzureAD doing nothing, it looks like.
Sorry for the super late reply... yes, this is exactly what we had to do. I believe you need an Azure AD account (not sure if it must be an AD account) so that admin approval can happen (when setting up the link in MCAS it redirects you back to your AD for authentication and authorisation). Same as you, we have an account hanging around just for this purpose, but it's the only way, it seems.