Create an Enrollment Token

Enrollment tokens authenticate sensors during their initial registration with AttackLens. You must create a token before deploying any sensor. Each token can be used to enroll one or many sensors, depending on your configuration.

INFO

Requires Posture Manager role or higher.

Before You Begin

Plan your token strategy before creating tokens. Consider:

• Grouping: Create separate tokens for different environments (Production, Staging, Development) or departments (Engineering, Finance, Operations). This makes it easier to manage and revoke access by scope.
• Expiry: Set an expiration date to limit the window during which the token can be used. Short-lived tokens are more secure for one-time deployments.
• Scope: Tokens can be scoped to specific asset groups so that sensors enrolled with the token are automatically associated with the correct group.

Step 1: Navigate to Enrollment Tokens

Go to Sensors > Enrollment Tokens in the left sidebar.

Step 2: Click Create Token

Click the Create Token button in the top-right corner of the page.

Step 3: Configure the Token

Fill in the following fields:

Name (Required)

A descriptive label that helps you identify the token's purpose. Use a naming convention that reflects the target environment or scope.

Examples:

• Production Servers - US East
• Development Workstations
• Finance Department Endpoints
• One-time deploy - server42

Scope

Define which asset group the sensors enrolled with this token will be associated with. This is optional but recommended for organizations with many endpoints.

• All Assets: Sensors can enroll without being assigned to a specific group.
• Specific Asset Group: Select an existing asset group. Sensors enrolled with this token will automatically be linked to the selected group.

Expiry

Set an optional expiration date and time for the token.

• No expiry: The token remains valid until manually revoked or deleted.
• Custom date: The token becomes invalid after the specified date and time. Any enrollment attempt after expiry will be rejected.

TIP

For large-scale rollouts, set the expiry to a few days after your planned deployment window. This limits exposure if the token is accidentally leaked.

Step 4: Create the Token

Click Create. AttackLens generates the token and displays it on screen.

Step 5: Copy the Token

IMPORTANT

The token value is displayed only once. Copy it immediately and store it securely. After you close this dialog, you will not be able to view the token value again. If you lose it, you must create a new token.

Click the Copy button to copy the token to your clipboard. You will use this value in the --token parameter when enrolling sensors.

Store the token securely:

• Use a password manager or secrets vault.
• Do not paste it into unencrypted documents, emails, or chat messages.
• If you are scripting a deployment, use environment variables or a secrets manager rather than hardcoding the token.

What Happens Next

After creating the token, you are ready to deploy sensors. Follow the deployment guide for your target platform:

• Deploy on Linux
• Deploy on Windows
• Deploy on macOS

Each sensor that enrolls with this token will appear in the Sensors list and begin reporting data to AttackLens.

Token Limits

There is no hard limit on the number of tokens you can create. However, as a best practice:

• Revoke tokens that are no longer needed.
• Delete tokens that have expired and will not be reused.
• Audit token usage by checking how many sensors have enrolled with each token in the Manage Enrollment Tokens page.