MetaDefender IT Access Integration Guide

Getting Started

  1. Sign up for an account with OPSWAT, by clicking here.

  2. Log into the MetaDefender IT Access console to set up your account for testing, by clicking here.

  3. If you choose client-based integration, refer to Custom Policy Check. This is only supported on Windows and macOS.

    1. When a user logs into a protected application, your agent needs to check whether the OPSWAT Agent processes are running and verify device compliance based on the registry value or plist file.

  4. If you choose cloud-based integration:

    1. Log into the MetaDefender IT Access OAuth Portal to register an OAuth application for your test account. Guidelines for this integration can be found here. You will need the client key and client secret to query device compliance information later.

    2. Choose a method to retrieve the device ID generated by the OPSWAT Agent for a device. We recommend using the Cross-Domain API for PCs (Windows, macOS, Linux) and Universal Link (URL scheme approach) for mobile devices. The device’s MAC address can be used as an alternative only on Windows and MacOS; However, cross-domain is highly recommended.

      1. Cross-domain API
      2. Universal link

    3. When a user logs into a protected application, your agent needs to check whether the MetaDefender Endpoint processes are running and verify device compliance based on the registry value or p-list file. More information on the API for device's details can be found here.

    4. Enable Webhook (available only for paid accounts) to receive updates on device status and cache that data on your side to reduce latency between cloud-to-cloud communication.

  5. Your system should make decisions about granting device access based on the device compliance status.

  6. Start implementation and test it out.

Summary

  • Sign up for an account on OPSWAT MetaDefender IT Access
  • Create an application on the MetaDefender IT Access OAuth portal to obtain the client key and client secret.
  • Enable Cross-domain API settings in Settings > Integrations, on their MetaDefender IT Access account if you’re using the cross-domain API to query device ID.
  • Input the MetaDefender IT Access settings into your portal:
    • Cross-domain API port as configured on the MetaDefender IT Access console, if your solution uses the cross-domain API to query the device id.
    • URL of MetaDefender IT Access where the account is set up. (for example: metaaccess.opswat.com).
    • Client key and client secret of the app created on the MetaDefender IT Access OAuth Portal. Your solution will use the MetaDefender IT Access URL, client key, and client secret entered by the customer to query the device status.
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
PingOne DaVinci Guide
On This Page
MetaDefender IT Access Integration GuideGetting StartedSummary