This guide outlines the prerequisites required to successfully integrate SentinelOne logs with the Hoplon platform. Please complete these steps before the scheduled onboarding session.
Before the integration make sure you have these:
SentinelOne EDR Subscription (Endpoint Security - Complete SKU and Remote Script Orchestration Addon)
Admin access to the Console
Before beginning the integration, you will need to provide:
API Token (Service User recommended)
Base URL (Your SentinelOne instance URL)
We recommend using a Service User account for API token generation as it allows for longer expiration periods (up to 2 years), reducing the maintenance burden of frequent token renewals.
Navigate to Service Users
Log in to your SentinelOne admin console
Go to: {base_url}/settings/users/service-users
Create New Service User
Click Actions > Create New Service User
Fill in the following details:
Name: hoplon-api (or similar descriptive name)
Description: Retrieve logs for Hoplon integration
Duration: Select 1y or 2y (1-2 years recommended)
Longer expiration reduces the need for frequent key rotation
Set Scope of Access
Recommended: Viewer role
Sufficient for read-only operations
More secure with minimal permissions
Alternative: Admin role
Required for Email Address Enrichment: If you want to enable Hoplon's email address enrichment feature, you must use the Admin role
This feature tags endpoints to user email addresses for better asset management
Provides enhanced visibility and tracking of devices by user
Higher permissions but enables advanced Hoplon platform features
Save and Copy API Token
After creation, copy the generated API token immediately
Important: Store this token securely - it will not be shown again
Provide this token to your Hoplon integration team
This method generates tokens that expire after 30 days, requiring monthly renewal.
Log in to the SentinelOne admin console
Navigate to: My User > Actions > API Token Operations > Generate API Token
Copy the generated user token
Generate an authentication token using the user token
Note: Due to the 30-day expiration limitation, this method is not recommended for production integrations.
The Base URL is required to construct API endpoints for log retrieval.
Identify Your Instance URL
Log in to your SentinelOne platform
Copy the URL from your browser's address bar
This is your Base URL
Example Format:
https://your-company.sentinelone.net
https://usea1-partners.sentinelone.net
Provide to Integration Team
Share this URL with your Hoplon integration team
Before your scheduled onboarding session, ensure you have:
Created a Service User account in SentinelOne
Generated an API token with appropriate expiration (1-2 years)
Assigned the correct scope (Viewer recommended)
Securely stored the API token
Identified and documented your Base URL
Provided both the API token and Base URL to your Hoplon integration team
Token Storage
Store API tokens in a secure password manager or secrets vault
Never share tokens via unencrypted channels
Limit access to authorized personnel only.
Token Rotation
Plan to rotate tokens before expiration
Update tokens in Hoplon when rotated
If you encounter any issues during the prerequisite setup:
SentinelOne Issues: Contact your SentinelOne administrator or support team
Hoplon Integration Questions: Contact Hoplon integration team
Item
Details
Service User Name |
|
Token Duration | 1-2 years |
Recommended Role |
|
Base URL Format |
|
Token Expiration | Set calendar reminder 30 days before expiration |
Document Version: 1.0
Last Updated: January 2026
