Can the SentinelOne plugin for InsightConnect connect with SentinelOne management console via an API token? It appears the only way is through username/password credentials according to here: Rapid7 Extensions
This is in light of SentinelOne issuing mandatory 2FA which may be challenging to manage whenever a workflow is run that requires authentication to SentinelOne to perform actions.
There is not one at this time, I know it is something they are actively looking at. I can provide an update when I have more of a definitive timeframe.
Authentication methods currently supported by the SentinelOne plugin:
Service User Role Plugin (Supported on Plugin Version 8.0 & later) - This is the latest authentication role created within the SentinelOne platform. This role does not allow direct SentinelOne console login. To create this connection within InsightConnect you need an API key, and the SentinelOne Platform URL.
API Authentication (Supported on Plugin Version 7.0 & later) - This replaced basic auth as the authentication method earlier this year. In order to utilize this method you will need an email address, API key, and SentinelOne Platform URL.