# Mimecast SureCloud connects to Mimecast to retrieve email security policy configuration, threat protection statistics, content examination policy status, and archiving settings. This allows SureCloud to verify that Mimecast's email security controls are active and correctly configured — confirming that inbound and outbound policies, attachment sandboxing, URL protection, and email archiving are operating as required. ## Authentication and setup Mimecast uses an application-based authentication model with an Application ID, Application Key, Access Key, and Secret Key. SureCloud uses credentials generated within the Mimecast Administration Console. {% stepper %} {% step %} **Create a dedicated API application in Mimecast** Log in to the Mimecast Administration Console. Navigate to **Administration → Services → API and Platform Integrations → Your Application Integrations** and click **Add API Application**. Name it `SureCloud CCM`, select **Server-side Integration**, and click **Save and Close**. Note the **Application ID** and **Application Key**. {% endstep %} {% step %} **Generate Access Key and Secret Key** From the API application page, click **Request Keys**. Mimecast will send an authorisation email to the account owner. Approve the request in the email. Return to the application settings and copy the **Access Key** and **Secret Key**. {% endstep %} {% step %} **Enter the credentials in SureCloud** Navigate to **SureCloud → Integrations → Mimecast → Connect**. Enter the **Application ID**, **Application Key**, **Access Key**, and **Secret Key**. Also enter your Mimecast region base URL (e.g. `https://eu-api.mimecast.com` for EU customers). Click **Save** and then **Test Connection**. {% endstep %} {% endstepper %} {% hint style="warning" %} Store the Access Key and Secret Key securely. SureCloud encrypts them at rest, but treat them as sensitive credentials. Rotate them every 90 days in the Mimecast Administration Console and update them in **SureCloud → Integrations → Mimecast → Edit Connection**. {% endhint %} ## Endpoints | API Call | Use Case | | ----------------------------------------------------- | -------------------------------------------------------------- | | `POST /api/audit/get-audit-events` | Retrieve audit log events for administrative activity evidence | | `POST /api/policy/blockedsenders/get-policy` | Retrieve blocked sender policy configuration | | `POST /api/policy/content-examination/get-policy` | Retrieve content examination (DLP) policy status | | `POST /api/policy/url-protect/get-policies` | Retrieve URL protection policy configuration | | `POST /api/policy/attachment-management/get-policies` | Retrieve attachment sandboxing policy configuration | | `POST /api/archive/get-settings` | Retrieve email archiving configuration and retention settings | | `POST /api/account/get-account` | Retrieve account details and product feature configuration | ## Pagination `POST /api/audit/get-audit-events` supports page token pagination. SureCloud includes the `pageToken` from each response in the next request until no `pageToken` is returned. ```json POST /api/audit/get-audit-events { "data": [{ "pageToken": "" }] } ``` Policy endpoints return complete result sets in a single response for most account configurations. ## Required permissions SureCloud requires a Mimecast API application associated with an administrator account that has read access to: * Audit logs * All email security policies (URL protection, attachment management, content examination) * Archive settings * Account configuration The Mimecast API application must be approved by an account administrator as part of the key request process. ## Polling frequency | Data Type | Interval | | ----------------------------------- | -------------- | | Audit log events | Every 6 hours | | Email security policy configuration | Every 24 hours | | Archive settings | Every 24 hours | | Account configuration | Every 24 hours | ## Troubleshooting
Connection test returns "Authentication Failed" One or more of the four credential values is incorrect. Mimecast requires all four fields — Application ID, Application Key, Access Key, and Secret Key — to be correct simultaneously. Verify each value in the Mimecast Administration Console under **Services → API and Platform Integrations**. If keys have been lost, regenerate them by requesting new keys for the application.
Wrong region URL causes all API calls to fail Mimecast API endpoints are region-specific. Using the wrong base URL will result in authentication failures or connection errors. Confirm your region in the Mimecast Administration Console (EU: `eu-api.mimecast.com`, US: `us-api.mimecast.com`, DE: `de-api.mimecast.com`, etc.) and update the URL in **SureCloud → Integrations → Mimecast → Edit Connection**.
Policy endpoints return empty responses If a policy type has not been configured in your Mimecast account, its endpoint will return an empty data array. This is expected — an empty response for a policy endpoint indicates the policy has not been set up, which may itself be a finding for your compliance posture. Verify in the Mimecast console whether the policy type is active.
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://surecloud.gitbook.io/surecloud-docs/integrations/ccm-and-evidence-collection-integrations/mimecast.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.