Skip to content

[CF1] Update Tanium S2S posture integration docs in taniums2s.mdx #23132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 19, 2025
Merged

[CF1] Update Tanium S2S posture integration docs in taniums2s.mdx #23132

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 11 additions & 6 deletions src/content/docs/cloudflare-one/identity/devices/service-providers/taniums2s.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ import { Render } from "~/components"

## Prerequisites

* Either Tanium Cloud or on-premise installations of Tanium
* Either Tanium Cloud or on-premise installations of Tanium with the Benchmark entitlement
* Tanium agent is deployed on the device.
* <Render file="posture/prereqs-warp-is-deployed" params={{ name: "Service providers", link: "/cloudflare-one/identity/devices/service-providers/" }} />

Expand All @@ -26,22 +26,27 @@ import { Render } from "~/components"
The following Tanium values are needed to set up the Tanium posture check:

* Client Secret
* Rest API URL
* REST API URL

To retrieve those values:
To retrieve the client secret, create an API token:

1. Log in to your Tanium instance.
2. Go to **Administration** > **API Tokens**.
3. Select **New API Token**.
4. Set **Expire in days** to an appropriate value for your organization. When this token expires, all device posture results will begin to fail unless updated.
5. Set **Trusted IP addresses** to `0.0.0.0/0`.
6. Select **Save**.
7. Copy the **Client Secret** and **API URL** to a safe place.
7. Copy the **Client Secret** to a safe place.

To retrieve the API URL, determine your Tanium Gateway root endpoint:

* Tanium Cloud: `https://<customerName>-api.cloud.tanium.com/plugin/products/gateway/graphql`
* Tanium On Prem: `https://<server>/plugin/products/gateway/graphql`

### 2. Add Tanium as a service provider

<Render file="posture/add-service-provider" params={{ provider: "Tanium" }} />
5. Enter the **Client Secret** and **Rest API URL** you noted down above.
5. Enter the **Client Secret** and **REST API URL** you noted down above.
6. Choose a **Polling frequency** for how often Cloudflare Zero Trust should query Tanium for information.
7. Select **Test and save**.

Expand All @@ -57,4 +62,4 @@ Device posture data is gathered from [Tanium's EndpointRisk API](https://develop
| ----------- | ------ | --- |
| Total score | `totalScore` of the device. | `1` to `1000` |
| Risk level | `riskLevel` of the device. | Low, medium, high, or critical |
| EID last seen | Elapsed time since the device was last seen, based on its `datetime` attribute. | In the last 1 hour, 3 hours, 6 hours, 12 hours, 24 hours, 7 days, 30 days, or more than 30 days |
| EID last seen | Elapsed time since the device was last seen, based on its `datetime` attribute. | In the last 1 hour, 3 hours, 6 hours, 12 hours, 24 hours, 7 days, 30 days, or more than 30 days |
Loading