Update Tanium S2S posture integration docs (#23132)

TylerStanish · web-flow · commit 166b27efbc98 · 2025-06-19T15:32:58.000-04:00
* Make it clear that the "Benchmark" Tanium entitlement is required
* Add instructions for obtaining the REST API URL
diff --git a/src/content/docs/cloudflare-one/identity/devices/service-providers/taniums2s.mdx b/src/content/docs/cloudflare-one/identity/devices/service-providers/taniums2s.mdx
@@ -15,7 +15,7 @@ import { Render } from "~/components"
 
 ## Prerequisites
 
-* Either Tanium Cloud or on-premise installations of Tanium
+* Either Tanium Cloud or on-premise installations of Tanium with the Benchmark entitlement
 * Tanium agent is deployed on the device.
 * <Render file="posture/prereqs-warp-is-deployed" params={{ name: "Service providers", link: "/cloudflare-one/identity/devices/service-providers/" }} />
 
@@ -26,22 +26,27 @@ import { Render } from "~/components"
 The following Tanium values are needed to set up the Tanium posture check:
 
 * Client Secret
-* Rest API URL
+* REST API URL
 
-To retrieve those values:
+To retrieve the client secret, create an API token:
 
 1. Log in to your Tanium instance.
 2. Go to **Administration** > **API Tokens**.
 3. Select **New API Token**.
 4. Set **Expire in days** to an appropriate value for your organization. When this token expires, all device posture results will begin to fail unless updated.
 5. Set **Trusted IP addresses** to `0.0.0.0/0`.
 6. Select **Save**.
-7. Copy the **Client Secret** and **API URL** to a safe place.
+7. Copy the **Client Secret** to a safe place.
+
+To retrieve the API URL, determine your Tanium Gateway root endpoint:
+
+* Tanium Cloud: `https://<customerName>-api.cloud.tanium.com/plugin/products/gateway/graphql`
+* Tanium On Prem: `https://<server>/plugin/products/gateway/graphql`
 
 ### 2. Add Tanium as a service provider
 
 <Render file="posture/add-service-provider" params={{ provider: "Tanium" }} />
-5. Enter the **Client Secret** and **Rest API URL** you noted down above.
+5. Enter the **Client Secret** and **REST API URL** you noted down above.
 6. Choose a **Polling frequency** for how often Cloudflare Zero Trust should query Tanium for information.
 7. Select **Test and save**.
 
@@ -57,4 +62,4 @@ Device posture data is gathered from [Tanium's EndpointRisk API](https://develop
 | ----------- | ------ | --- |
 | Total score | `totalScore` of the device. |  `1` to `1000` |
 | Risk level | `riskLevel` of the device. | Low, medium, high, or critical |
-| EID last seen | Elapsed time since the device was last seen, based on its `datetime` attribute. | In the last 1 hour, 3 hours, 6 hours, 12 hours, 24 hours, 7 days, 30 days, or more than 30 days |
+| EID last seen | Elapsed time since the device was last seen, based on its `datetime` attribute. | In the last 1 hour, 3 hours, 6 hours, 12 hours, 24 hours, 7 days, 30 days, or more than 30 days |
