The following integration instances have been changed in Cortex XSOAR 8.
Integration | Description | Change Type | Comments |
---|---|---|---|
SAML | SAML authentication is part of the Cortex XSOAR platform | Changed | NoteAs a part of the migration, the SAML integration is converted to the SSO settings on the platform level. In Cortex XSOAR 8, you need to Configure Single Sign-On Using SAML 2.0. |
LDAP Authentication | Currently not supported, planned to become a part of the Cortex platform | Removed | |
Microsoft Teams | To use the rerouting configuration in Cortex XSOAR 8, you must use the Microsoft Teams content pack 1.4.43 or higher, and recreate the Demiso Bot in Microsoft Teams. | Changed | For more information about Microsoft Teams and how to reconfigure it, see Microsoft Teams. |
Not supported. | Removed |
Note
If you have a custom (BYOI) integration that receives incoming traffic enabled on a custom port, your environment cannot be migrated at this time.
Reconfigure Integrations
When configured without an engine, you may need to update the several long-running integrations by changing the URL from https://<cortex-xsoar-address>/instance/execute/<instance_name>/
to the following:
Cloud:
https://ext-<xsoar-tenant>.crtx.<region>.paloaltonetworks.com/xsoar/instance/execute/<instance-name>
. For more information, see Long Running Integrations.On-prem:
https://ext-<xsoar-tenant>/xsoar/instance/execute/<instance-name>
. For more information, see Long Running Integrations.
The following table describes the long-running integrations that may need to be updated.
Integration | Description | See More |
---|---|---|
O365 Teams (Using Graph API) | Get authorized access to a user's Teams app in a personal or organizational account. | |
Generic Webhook | Creates incidents on event triggers. The trigger can be any query posted to the integration. | |
Generic Export Indicators Service | Use the Generic Export Indicators Service integration to provide an endpoint with a list of indicators as a service for the system indicators. You can set up the tenant to export internal data to an endpoint. NoteThis integration replaces the External Dynamic list integration, which is deprecated. | |
TAXII Server | Provides TAXII Services for system indicators (Outbound feed). | |
TAXII2 Server | Provides TAXII2 Services for system indicators (outbound feed). You can choose to use TAXII v2.0 or TAXII v2.1. | |
XSOAR-Web-Server | Supports handling configurable user responses (like Yes/No/Maybe) and data collection tasks that can be used to fetch key value pairs. | |
PingCastle | Listens for PingCastle XML reports. | |
Publish List | Publishes Cortex XSOAR lists for external consumption. | |
Simple API Proxy | Provides a simple API proxy to restrict privileges or minimize the amount of credentials issued at the API. | |
Syslog v2 | Opens incidents automatically from Syslog clients. | |
Web File Repository | Makes your environment ready for testing purpose for your playbooks or automations to download files from a web server. |
Note
The service is only accessible via URL.
The custom port configured for long-running integrations is ignored.
Custom certificates are not supported.
Authentication (username/password) is mandatory.
Update the client that accesses the integrations to be URL-based only.
When configured via an engine, both port and URL-based access is supported. No changes need to be made.
Communication tasks through an engine
In Cortex XSOAR 6 you can use engines to enable users who do not have access to the Cortex XSOAR server to access the forms sent out in communication tasks in a playbook. This is not supported in Cortex XSOAR 8.