Refresh SentinelOne Singularity Endpoint credentials

When your SentinelOne® Singularity Endpoint API token expires, create a new one and resubmit it to Arctic Wolf®.

  • Singularity Core or higher SentinelOne license
  • Admin permissions for the applicable SentinelOne environment

Create a SentinelOne API token

For more information, see Overview of Service Users.
  1. Go to https://prefix.sentinelone.net, where prefix is the prefix value that SentinelOne provided to you.
  2. Sign in to the SentinelOne console with administrator permissions.
  3. In the navigation menu, click "" Settings .
  4. In the navigation menu, click Service Users.
  5. Select the service user who created the original API token.
  6. Click Actions > Copy User.
  7. In the Create New Service User dialog, rename the service account, for example, SentinelOne Arctic Wolf Sensor year.
  8. In the Expiration Date section, make sure that 2 Years is selected.
  9. Click Next.
  10. Make sure that the scope of access matches the service user that you copied.
  11. Click Create User.
  12. If prompted, authenticate your user, and then click Confirm Action.
  13. In the API Token dialog, copy the API Token value, and then save it in a safe, encrypted location to provide to Arctic Wolf later.

Update cloud credentials

  1. Sign in to the Arctic Wolf Unified Portal.
  2. In the navigation menu, click Data Collection > Cloud Sensors.
  3. Optional: Filter the list of cloud sensors, as needed.
  4. For the account that you want to update, click View Account.
  5. Click Edit Information.
  6. In the Token and Secret field, clear the Use existing value checkbox.
  7. Enter the new token and secret.
  8. In the Credential Expiry field, enter the new expiry date.
  9. Click Save Changes.