Open
Conversation
- New product/admin/external-insights.mdx overview page covering how external insights work, where risk scores surface, and prerequisites - Update baton/crowdstrike.mdx to add capabilities note and new "Enable risk score ingestion" section with early access callout Both pages are marked early access with placeholder Notes for the CrowdStrike API scopes and ConductorOne UI toggle steps, which are pending finalization. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Contributor
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughAdds a new External insights admin doc and updates the CrowdStrike integration doc to document Falcon Identity Protection risk score ingestion, including prerequisites, enablement steps, UI placement, and early‑access warnings. Changes
Sequence Diagram(s)mermaid Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches
🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@baton/crowdstrike.mdx`:
- Around line 245-272: The "Add required API scopes" and "Enable ingestion in
ConductorOne" sections contain unresolved placeholders that prevent users
completing setup; replace the generic Note placeholders with concrete interim
guidance and clear TODO markers: under the "Add required API scopes" heading
list an example scope format and a placeholder bullet like
"<SCOPE_NAME_PLACEHOLDER>" plus an explicit "TODO: replace with final scope
names" line, and under "Enable ingestion in ConductorOne" add step-by-step UI
instructions the user should follow once labels are finalized (e.g., "Navigate
to Settings > Integrations > ConductorOne > Enable risk score ingestion, toggle
X, save"), include an instruction to update the page when final scope names and
exact UI labels are available, and add a short contact or issue reference (e.g.,
support or repo issue link) so readers can request the missing details; update
the headings' content accordingly.
In `@product/admin/external-insights.mdx`:
- Line 30: The phrase "informed certify or revoke decisions" is awkward; locate
the sentence containing "informed certify or revoke decisions" and reword it to
improve clarity, for example change it to "informed decisions to certify or
revoke" or "informed decisions to certify or revoke access" so the action reads
naturally and clearly in the review task description.
baton/crowdstrike.mdx
Outdated
Comment on lines
+245
to
+272
| ### Add required API scopes | ||
|
|
||
| The CrowdStrike API client you created during connector setup needs additional scopes to access risk score data. | ||
|
|
||
| <Steps> | ||
| <Step> | ||
| Sign into the Falcon console and navigate to **Support** > **API Clients and Keys**. | ||
| </Step> | ||
| <Step> | ||
| Find the API client you created for the ConductorOne integration and click to edit it. | ||
| </Step> | ||
| <Step> | ||
| In the **API SCOPES** section, add the following scopes: | ||
|
|
||
| <Note> | ||
| The specific scopes required for risk score ingestion will be documented here once finalized. | ||
| </Note> | ||
| </Step> | ||
| <Step> | ||
| Click **Save**. | ||
| </Step> | ||
| </Steps> | ||
|
|
||
| ### Enable ingestion in ConductorOne | ||
|
|
||
| <Note> | ||
| The ConductorOne configuration steps for enabling risk score ingestion will be documented here once the UI is finalized. | ||
| </Note> |
Contributor
There was a problem hiding this comment.
Setup steps are currently incomplete for users.
Lines 257-272 leave critical setup details as placeholders (required API scopes and ConductorOne UI steps). In current form, readers cannot complete configuration end-to-end.
🛠️ Suggested interim fix (until final details are ready)
### Add required API scopes
The CrowdStrike API client you created during connector setup needs additional scopes to access risk score data.
@@
<Step>
In the **API SCOPES** section, add the following scopes:
-
- <Note>
- The specific scopes required for risk score ingestion will be documented here once finalized.
- </Note>
+ Contact ConductorOne Support for the current required scope list for your tenant and Falcon API version.
</Step>
@@
### Enable ingestion in ConductorOne
-<Note>
-The ConductorOne configuration steps for enabling risk score ingestion will be documented here once the UI is finalized.
-</Note>
+Risk score ingestion is enabled through an early-access configuration path. Contact ConductorOne Support to enable the ingestion toggle for your connector.If you want, I can draft the final step format now so you only need to fill in exact scope names and UI labels later.
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| ### Add required API scopes | |
| The CrowdStrike API client you created during connector setup needs additional scopes to access risk score data. | |
| <Steps> | |
| <Step> | |
| Sign into the Falcon console and navigate to **Support** > **API Clients and Keys**. | |
| </Step> | |
| <Step> | |
| Find the API client you created for the ConductorOne integration and click to edit it. | |
| </Step> | |
| <Step> | |
| In the **API SCOPES** section, add the following scopes: | |
| <Note> | |
| The specific scopes required for risk score ingestion will be documented here once finalized. | |
| </Note> | |
| </Step> | |
| <Step> | |
| Click **Save**. | |
| </Step> | |
| </Steps> | |
| ### Enable ingestion in ConductorOne | |
| <Note> | |
| The ConductorOne configuration steps for enabling risk score ingestion will be documented here once the UI is finalized. | |
| </Note> | |
| ### Add required API scopes | |
| The CrowdStrike API client you created during connector setup needs additional scopes to access risk score data. | |
| <Steps> | |
| <Step> | |
| Sign into the Falcon console and navigate to **Support** > **API Clients and Keys**. | |
| </Step> | |
| <Step> | |
| Find the API client you created for the ConductorOne integration and click to edit it. | |
| </Step> | |
| <Step> | |
| In the **API SCOPES** section, add the following scopes: | |
| Contact ConductorOne Support for the current required scope list for your tenant and Falcon API version. | |
| </Step> | |
| <Step> | |
| Click **Save**. | |
| </Step> | |
| </Steps> | |
| ### Enable ingestion in ConductorOne | |
| Risk score ingestion is enabled through an early-access configuration path. Contact ConductorOne Support to enable the ingestion toggle for your connector. |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@baton/crowdstrike.mdx` around lines 245 - 272, The "Add required API scopes"
and "Enable ingestion in ConductorOne" sections contain unresolved placeholders
that prevent users completing setup; replace the generic Note placeholders with
concrete interim guidance and clear TODO markers: under the "Add required API
scopes" heading list an example scope format and a placeholder bullet like
"<SCOPE_NAME_PLACEHOLDER>" plus an explicit "TODO: replace with final scope
names" line, and under "Enable ingestion in ConductorOne" add step-by-step UI
instructions the user should follow once labels are finalized (e.g., "Navigate
to Settings > Integrations > ConductorOne > Enable risk score ingestion, toggle
X, save"), include an instruction to update the page when final scope names and
exact UI labels are available, and add a short contact or issue reference (e.g.,
support or repo issue link) so readers can request the missing details; update
the headings' content accordingly.
product/admin/external-insights.mdx
Outdated
|
|
||
| **Access review campaigns** | ||
|
|
||
| Reviewers see an identity's risk score and severity on each review task, alongside entitlement data. The risk factors — the specific reasons CrowdStrike assigned that score — are available inline. Reviewers can use this context to prioritize high-risk identities and make more informed certify or revoke decisions. |
Contributor
There was a problem hiding this comment.
Tighten wording on the review action phrase.
Line 30 reads awkwardly (“informed certify or revoke decisions”). A small phrasing tweak will improve clarity.
✏️ Suggested copy edit
-Reviewers see an identity's risk score and severity on each review task, alongside entitlement data. The risk factors — the specific reasons CrowdStrike assigned that score — are available inline. Reviewers can use this context to prioritize high-risk identities and make more informed certify or revoke decisions.
+Reviewers see an identity's risk score and severity on each review task, alongside entitlement data. The risk factors — the specific reasons CrowdStrike assigned that score — are available inline. Reviewers can use this context to prioritize high-risk identities and make more informed certify-or-revoke decisions.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| Reviewers see an identity's risk score and severity on each review task, alongside entitlement data. The risk factors — the specific reasons CrowdStrike assigned that score — are available inline. Reviewers can use this context to prioritize high-risk identities and make more informed certify or revoke decisions. | |
| Reviewers see an identity's risk score and severity on each review task, alongside entitlement data. The risk factors — the specific reasons CrowdStrike assigned that score — are available inline. Reviewers can use this context to prioritize high-risk identities and make more informed certify-or-revoke decisions. |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@product/admin/external-insights.mdx` at line 30, The phrase "informed certify
or revoke decisions" is awkward; locate the sentence containing "informed
certify or revoke decisions" and reword it to improve clarity, for example
change it to "informed decisions to certify or revoke" or "informed decisions to
certify or revoke access" so the action reads naturally and clearly in the
review task description.
Contributor
There was a problem hiding this comment.
♻️ Duplicate comments (1)
baton/crowdstrike.mdx (1)
246-267:⚠️ Potential issue | 🟠 MajorRisk-ingestion setup is still incomplete for users.
Line 258 still has
TBD, and there are no ConductorOne-side enablement steps before the “That’s it” statement on Line 266. Users still can’t complete this flow end-to-end from docs alone.🛠️ Suggested doc fix
### Add required API scopes @@ <Step> - In the **API SCOPES** section, add the following scopes: TBD + In the **API SCOPES** section, add the scopes required for Falcon identity risk score ingestion. + + <Note> + TODO: Replace with finalized CrowdStrike scope names. + Until finalized, contact ConductorOne Support for the exact scope list for your tenant and Falcon API version. + </Note> </Step> @@ </Steps> -**That's it!** Your CrowdStrike connector will now sync risk score data into ConductorOne. See [External insights](/product/admin/external-insights) for details on where to see this data in the UI. +### Enable ingestion in ConductorOne + +<Note> +TODO: Replace with finalized ConductorOne UI navigation and control labels. +Until finalized, contact ConductorOne Support to enable the risk score ingestion toggle for this connector. +</Note> + +After both API scopes and the ConductorOne ingestion toggle are configured, your connector will sync risk score data into ConductorOne. See [External insights](/product/admin/external-insights) for where this data appears in the UI.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@baton/crowdstrike.mdx` around lines 246 - 267, The "Add required API scopes" step currently leaves the scopes as `TBD` and skips ConductorOne-side enablement; replace `TBD` with the exact CrowdStrike API scopes required for risk ingestion (e.g., the specific Falcon API scope strings needed to read host/user risk and detections) in the Steps block, and add a short sequence of ConductorOne enablement steps before the "That's it!" line describing how to enable risk ingestion in ConductorOne (navigate to External Insights or the connector settings, enable risk scoring/external insights for the CrowdStrike connector, map the risk fields if required, and save/apply the change) so the doc provides a complete end-to-end flow.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Duplicate comments:
In `@baton/crowdstrike.mdx`:
- Around line 246-267: The "Add required API scopes" step currently leaves the
scopes as `TBD` and skips ConductorOne-side enablement; replace `TBD` with the
exact CrowdStrike API scopes required for risk ingestion (e.g., the specific
Falcon API scope strings needed to read host/user risk and detections) in the
Steps block, and add a short sequence of ConductorOne enablement steps before
the "That's it!" line describing how to enable risk ingestion in ConductorOne
(navigate to External Insights or the connector settings, enable risk
scoring/external insights for the CrowdStrike connector, map the risk fields if
required, and save/apply the change) so the doc provides a complete end-to-end
flow.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: c5a3c508-8054-47c7-bf12-29dcd2e59bd9
📒 Files selected for processing (2)
baton/crowdstrike.mdxproduct/admin/external-insights.mdx
🚧 Files skipped from review as they are similar to previous changes (1)
- product/admin/external-insights.mdx
Identity Protection Entities: Read scope is required to sync identity risk scores (confirmed in baton-crowdstrike README). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
mindymo
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
product/admin/external-insights.mdxoverview page explaining how external insights work, where risk scores surface in the UI (inventory, access reviews, access requests), and prerequisitesbaton/crowdstrike.mdxwith a capabilities note and new Enable risk score ingestion sectionBoth pages carry the standard early access callout. Two
<Note>placeholders remain in the CrowdStrike section pending:Test plan
external-insights.mdxrenders correctly on the docs site#enable-risk-score-ingestionresolves correctly from the overview page card<Note>blocks are visually clear to reviewers🤖 Generated with Claude Code
Summary by CodeRabbit
New Features
Navigation
Documentation