OneTrust
Visualize OneTrust users, groups, risk, and vendors, and monitor changes through queries and alerts.
Installation
Requirements
- User must have an active OneTrust account with API access.
- User must have permission in JupiterOne to install new integrations.
Configuration in OneTrust
Generate OAuth 2.0 Client Credentials and collect Host URL
- Log in to your OneTrust account.
- Click the gear icon in the upper-right corner to access Global Settings.
- From the Global Settings menu, select Access Management > Client Credentials. The Credentials screen appears.
- Click the Add button. The Add Client Credential screen will open.
- In the Name field, enter a name for the client credential.
- (Optional) In the Description field, provide a description for the client credential.
- In the Access Token Lifetime field, set the duration of the access token to 1 hour.
- (Optional) Enable the Restrict IP Addresses setting to restrict incoming communication to specific IP addresses. If enabled, enter the allowed IP addresses. You can add multiple IPs by clicking the Add icon.
- Click Next. The Scope section appears.
- Select the following scopes:
- RISK_READ: To fetch Risk Data
- SCIM: To fetch User and Group Data
- INVENTORY_READ: To fetch Vendor Data
- Click Create. The Client ID and Client Secret section will appear.
- Click Download to save the .txt file containing your Client ID and Client Secret to a secure location.
- Click Close to finish.
- Note down your OneTrust Host URL from the URL bar (e.g., https://customer.my.onetrust.com).
Configuration in JupiterOne
- From the top navigation of the J1 Search homepage, select Integrations.
- Search for OneTrust and select it.
- Click on the Add Instance button and configure the following settings:
- Enter the OneTrust Host URL.
- Enter the OneTrust Client ID.
- Enter the OneTrust Client Secret.
- Enter the Account Name by which you'd like to identify this OneTrust instance in JupiterOne. Ingested entities will have this value stored in tag.AccountName when Tag with Account Name is checked.
- Enter a Description to help your team identify the integration instance.
- Select a Polling Interval that fits your monitoring needs. You may leave this as DISABLED and manually execute the integration.
- Click Create Instance once all values are provided.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Entities
The following entities are created:
Resources | Entity _type | Entity _class |
---|---|---|
Account | onetrust_account | Account |
Risk | onetrust_risk | Risk |
User | onetrust_user | User |
User Group | onetrust_user_group | Group |
Vendor | onetrust_vendor | Vendor |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
---|---|---|
onetrust_account | HAS | onetrust_user_group |
onetrust_account | HAS | onetrust_vendor |
onetrust_account | HAS | onetrust_risk |
onetrust_user_group | HAS | onetrust_user |
Onetrust Account
onetrust_account inherits from Account
Onetrust Risk
onetrust_risk inherits from Risk
Property | Type | Description | Specifications |
---|---|---|---|
actionId | number | ||
closedAt | number | ||
controlsIdentifier * | array of strings | ||
deadline | number | ||
id * | string | ||
impactLevel | string | ||
impactLevelId | number | ||
inherentImpact * | number | ||
inherentImpactLevel | string | ||
inherentProbability * | number | ||
inherentProbabilityLevel | string | ||
inherentRiskScore | number | ||
justification | string | ||
level | string | ||
levelId | number | ||
mitigatedOn | number | ||
orgGroupId | string | ||
orgGroupName | string | ||
previousState | string | ||
probabilityLevel | string | ||
probabilityLevelId | number | ||
recommendation | string | ||
references | string | ||
remediationProposal | string | ||
result | string | ||
riskNumber * | number | ||
riskOwnersId * | array of strings | ||
riskType | string | ||
sourceId | string | ||
sourceName | string | ||
targetImpact * | number | ||
targetImpactLevel | string | ||
targetLevel | string | ||
targetProbability * | number | ||
targetProbabilityLevel | string | ||
targetRiskScore | number | ||
threatName | string | ||
treatment | string | ||
treatmentStatus | string | ||
updatedBy | string | ||
updatedByName | string | ||
vulnerabilityNames | string | ||
workflowId | string | ||
workflowName | string |
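
An added example (not JupiterOne or OneTrust code) that checks exported onetrust_risk entities against the property table above and flags overdue, unreduced, or unowned risks. It assumes the starred properties are required and that deadline and closedAt are epoch-millisecond numbers; the function names and sample entities are constructed.

```python
# Starred properties of onetrust_risk and their types, from the table above.
# Assumption: "*" marks a required property (the page gives no legend).
NUM = (int, float)
STARRED = {"controlsIdentifier": list, "id": str, "inherentImpact": NUM,
           "inherentProbability": NUM, "riskNumber": NUM, "riskOwnersId": list,
           "targetImpact": NUM, "targetProbability": NUM}

def schema_errors(risk):
    """Names of starred properties that are missing or of the wrong type."""
    bad = []
    for name, typ in STARRED.items():
        value = risk.get(name)
        # bool is a subclass of int in Python, so reject it explicitly.
        if value is None or isinstance(value, bool) or not isinstance(value, typ):
            bad.append(name)
    return bad

def triage(risks, now_ms):
    """Map riskNumber -> findings for every risk that needs attention."""
    findings = {}
    for risk in risks:
        notes = ["bad:" + name for name in schema_errors(risk)]
        deadline = risk.get("deadline")
        # Assumption: deadline and closedAt are epoch milliseconds.
        if deadline is not None and risk.get("closedAt") is None and deadline < now_ms:
            notes.append("overdue")
        inherent, target = risk.get("inherentRiskScore"), risk.get("targetRiskScore")
        if inherent is not None and target is not None and target >= inherent:
            notes.append("target-not-reduced")
        if not risk.get("riskOwnersId"):
            notes.append("no-owner")
        if notes:
            findings[risk.get("riskNumber")] = notes
    return findings

# Constructed sample entities (not real OneTrust data).
NOW_MS, DAY_MS = 1_700_000_000_000, 86_400_000
BASE = {"controlsIdentifier": ["C-1"], "id": "r", "inherentImpact": 4,
        "inherentProbability": 5, "riskOwnersId": ["u-1"], "targetImpact": 2,
        "targetProbability": 4, "inherentRiskScore": 20, "targetRiskScore": 8}
SAMPLE_RISKS = [
    {**BASE, "riskNumber": 1, "deadline": NOW_MS + DAY_MS},
    {**BASE, "riskNumber": 2, "deadline": NOW_MS - DAY_MS, "targetRiskScore": 20},
    {**BASE, "riskNumber": 3, "deadline": NOW_MS - DAY_MS, "closedAt": NOW_MS,
     "inherentImpact": None, "riskOwnersId": []},
]

if __name__ == "__main__":
    for number, notes in triage(SAMPLE_RISKS, NOW_MS).items():
        print(number, notes)
```
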
Onetrust User
onetrust_user inherits from User
Property | Type | Description | Specifications |
---|---|---|---|
title | string |
Onetrust User Group
onetrust_user_group inherits from Group
Property | Type | Description | Specifications |
---|---|---|---|
externalId | string |
Onetrust Vendor
onetrust_vendor inherits from Vendor
Property | Type | Description | Specifications |
---|---|---|---|
canViewDetails | boolean | ||
isDeletable | boolean | ||
isEditable | boolean | ||
isParent | boolean | ||
organizationId | string | ||
organizationName | string | ||
typeId | string | ||
typeValue | string | ||
vendorNumber | number | A number assigned to each vendor by OneTrust | |
workflowId | string | ||
workflowStage | string | ||
workflowValue | string |