# Bloodhound Enterprise

{% hint style="info" %}

## This integration is currently in <mark style="color:$warning;">Beta</mark> release phase.

{% endhint %}

### Overview

Identity Intelligence integrates with BloodHound Enterprise to ingest attack path findings and related identity exposure insights. This enables Identity Intelligence to help identify users that appear on identity-based attack paths—paths that represent sequences of relationships and permissions an adversary could abuse to escalate privileges or reach high-value assets (for example, by chaining group memberships, delegated rights, and administrative roles).

### Requirements

To complete this integration, you must have Administrative access to BloodHound Enterprise to generate API credentials.

You must also have administrative access to your Identity Intelligence tenant.

### Get Your Bloodhound Domain

You can find your BloodHound Domain by:

* Checking your BloodHound Enterprise welcome email or onboarding documentation
* Contacting your BloodHound administrator
* Looking at the URL in your browser when logged into BloodHound Enterprise

### Create a BloodHound Enterprise API Token

In BloodHound Enterprise, go to Settings (gear icon) > Administration, Users > Manage users. \
\
Click the three lines options menu for the user user which the API token will run.  Click generate an API token, provide a name for the token, and copy the displayed Token ID and Token Key.&#x20;

Follow the BloodHound Enterprise product documentation for more detailed guidance on token creation.

{% hint style="info" icon="exclamation" %}
The Token Key is shown only once. If you lose it, you must revoke the token and create a new one. Store these credentials in a secure location.
{% endhint %}

**Note**: For security, Cisco recommends using the least privileged token that still allows the integration to function.

### Configure the BloodHound Enterprise integration in Identity Intelligence

1. In Cisco Identity Intelligence, go to Integrations.
2. Click Add Integration.
3. For BloodHound Enterprise, click **Add Integration.**

<figure><img src="/files/Yn1rVSPpUU6MbpjwqVpp" alt=""><figcaption></figcaption></figure>

1. In General Settings, enter:
   1. **Name** for this integration instance.
   2. **BloodHound Domain**: Your BloodHound Enterprise domain name.
   3. **Token ID:** API token ID you found earlier.
   4. **Token Key**: API token key you found earlier.
2. Click **Connect**.
3. To verify the connection, open the integration’s 3-dot menu and click **Test Connectivity**. The message `Connected!` displays to indicate that everything is working.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.oort.io/integrations/bloodhound-enterprise.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.