Whether you want to search for solutions or ask a question, dip into spaces designed for those who are new to our products or watch videos to help you learn the basics. You'll find a lot of content and our experts are here every day. Netskope is ready for anything!
Our team is making a lot of improvements. Most of these improvements won't happen overnight, but we are making progress and would benefit greatly from your feedback. Whether or not you asked a question in the Community, please take a few minutes to reach out to the Community team by direct message to @Rohit or send an email to community@netskope.com
Netskope Global Technical Success (GTS)
Q/A Attached to: WhatsApp

Netskope Cloud Version - 132

Objective
The objective is to cover general Q/A attached to WhatsApp.

Prerequisite
Netskope Next-Gen SWG

Context
WhatsApp is a SaaS application, and many customers want to understand Netskope’s capabilities for managing WhatsApp traffic and the types of controls that can be applied.

Author Notes
WhatsApp can be accessed either through a web browser or via its native application. Throughout this document, I will use the following terminology:
- “WhatsApp Web Access” when referring to WhatsApp accessed through a web browser.
- “WhatsApp Native Application” when referring to WhatsApp accessed through the native application.

Q/A Section

Question 1: Does Netskope identify WhatsApp as a Cloud Application?
Answer: Yes. Netskope identifies WhatsApp as a Cloud Application and provides a pre-defined Cloud App Connector.
Path: Netskope Tenant UI >>> App Catalog >>> Cloud

Question 2: Is Netskope’s pre-defined Cloud App Connector for WhatsApp applicable to WhatsApp Web Access or the WhatsApp Native Application?
Answer: It applies only to WhatsApp Web Access.

Question 3: What kind of controls can be applied to WhatsApp Web Access through Netskope’s pre-defined Cloud App Connector?
Answer: Using Netskope's pre-defined Cloud App Connector for WhatsApp, you can control activities such as Download and Upload.
Note: Netskope Product Management is working on a product enhancement request to add support for the Post activity as well. No release timelines are available at the moment.

Question 4: Traffic destined to which domains will be counted under Netskope’s pre-defined Cloud App Connector for WhatsApp?
Answer:
- wa.me
- web.whatsapp.com
- whatsapp.com
- whatsapp.net

Question 5: Is it possible to block complete access to WhatsApp Web using Netskope’s pre-defined Cloud App Connector?
Answer: Yes

Question 6: Is it possible to block Download and Upload activities on WhatsApp Web using Netskope’s pre-defined Cloud App Connector?
Answer: Yes

Question 7: Is it possible to apply DLP controls to WhatsApp Web using Netskope’s pre-defined Cloud App Connector?
Answer: Yes
Note: Only customers with an Extended RBI license can apply the above controls.

Question 8: Is it possible to apply Threat Protection controls to WhatsApp Web using Netskope’s pre-defined Cloud App Connector?
Answer: Yes
Note: Only customers with an Extended RBI license can apply the above controls.

Question 9: Without an Extended RBI license, can DLP and Threat Protection controls be applied?
Answer: No. An Extended RBI license is mandatory.

Question 10: Is it possible to restrict login to WhatsApp Web Access to a specific phone number?
Answer: With the current Netskope product design, this is not possible. Interested customers may raise an IDEA with Netskope Product Management or contact their respective Accounts Team to request a Product Enhancement Request (ER).
https://community.netskope.com/topic/new
Note: An IDEA can be submitted after logging in to the Netskope Community.

Question 11: Is it possible to apply file type controls to WhatsApp Web using Netskope’s pre-defined Cloud App Connector?
Answer: Yes. An Extended RBI license is required.

Question 12: What about controls on the WhatsApp Native Application?
Answer: The WhatsApp Native Application uses non-web ports for all activities. With the current Netskope product design, no activity controls are supported on non-web ports.

Question 13: Can we restrict end-user access to WhatsApp if they are using the WhatsApp Native Application?
Answer: Yes. This can be achieved by creating a certificate-pinned application for the WhatsApp Native Application.

Terms and Conditions
All documented information undergoes testing and verification to ensure accuracy. In the future, should any changes to Netskope best practices come to our attention, we will promptly update the documentation to reflect them.

Notes
This article is authored by Netskope Global Technical Success (GTS). For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.
Netskope Global Technical Success (GTS)
Mapping API v2 endpoints to RBAC v3 Roles

Netskope Cloud Version - 132

Objective
The objective is to map API v2 endpoints to RBAC v3 roles.

Prerequisite
- Netskope SWG or Next-Gen SWG license is required.
- The logged-in user should have the predefined Tenant Admin role assigned.

Context
The customer aims to map the API v2 endpoints to the new RBAC v3 role. This knowledge base article explains how to correctly create a role with an exact mapping of endpoints.

Topics covered
- How to create a custom role as per RBAC v3
- How to map the endpoint to the role
- How to create a service account
- How to generate an API token
- How to change the expiration of an API token

Do You Know?
- As of Nov 7, 2025, Netskope has introduced the new RBAC V3. Users will not be able to create a new token or change the expiration of an API token from the path Netskope Tenant UI >>> Settings >>> Tools >>> API v2.
- RBAC V3 provides functional controls and uniform authorization for both WebUI and REST API based interactions.
- Admins can use automated service accounts without risk of these accounts being able to access the web UI.
- API access tokens are now issued to a user or a service account (instead of at the tenant level), along with an expiry/renewal workflow.
- A clone of the Tenant Admin role will not be able to create a service account.

Overview
In Role-Based Access Control (RBAC) V3, a Tenant Admin has the highest level of administrative permissions within their tenant, including the ability to manage other administrators and roles. However, when a user attempts to create or clone a role, the permission "Administration > Admins > Manage" is intentionally disabled for all roles other than the core Tenant Admin role. This is not a bug, but rather an expected and critical security feature designed to prevent privilege escalation.

The Purpose of the Security Control
The primary reason for this behavior is to maintain a secure and robust RBAC framework. The ability to manage other administrators and roles is a unique privilege reserved exclusively for the pre-defined Tenant Admin role. This restriction is a fundamental principle of the RBAC V3 design and applies to all user-created or cloned roles, not just those derived from the Tenant Admin role. Here's why this security control is in place:
- Preventing Privilege Escalation: If any user could create a new role and grant it the ability to manage other admins and roles, it would create a potential loophole. A malicious actor could create a new role with this permission and then use it to create new users or roles with even higher privileges, effectively bypassing the security controls. This could allow them to grant full administrative access to unauthorized users.
- Maintaining a Secure Hierarchy: The RBAC V3 model is designed with a clear and secure hierarchy. The Tenant Admin role acts as the root administrator for the tenant. Allowing other, potentially less-controlled roles to manage admins would compromise this structure and make it difficult to track and control administrative permissions.
- Ensuring the Integrity of the RBAC System: By restricting the "Manage" permission to the original Tenant Admin role, the system ensures that the fundamental controls for user and role creation remain in a trusted and uncompromised state. This prevents a user with a non-standard or cloned role from rendering the RBAC controls ineffective.

Expected Behavior
The only predefined role that has the "Administration > Admins > Manage" permission is the Tenant Admin. When any other role is created or cloned, the "Administration > Admins > Manage" permission will be grayed out and disabled. This is a deliberate design choice to protect against privilege escalation. This design ensures that only the designated Tenant Admin can perform critical functions like creating new roles and managing user accounts, thus protecting the integrity of the entire system.

Parent RBAC v3 Article
Netskope RBAC V3 Overview
https://docs.netskope.com/en/managing-administrators-for-rbac-v3

Configuration
For step-by-step configuration, review the video below (will be uploaded soon; tentative date 02 Dec 2025). The video will cover the steps below:
Step 1: Create a custom Role
Step 2: Map the endpoint to the role
Example Endpoints:
/api/v2/events/dataexport/events/application
/api/v2/events/dataexport/events/audit
Follow the same process for all the endpoints.
Step 3: Create a Service Account
Step 4: Generate the API

Terms and Conditions
All documented information undergoes testing and verification to ensure accuracy. In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

Notes
This article is authored by Netskope Global Technical Success (GTS). For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.
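A least-privilege review for the role, service account and token setup described in the RBAC v3 article above, as an added example that is not Netskope's code. The inventory below is constructed, its field names and role names are hypothetical rather than any Netskope export format, and the extra endpoint is a placeholder; only the two example endpoints come from the article.

```python
from datetime import date

# Example endpoints the article maps to the custom role.
NEEDED = {
    "/api/v2/events/dataexport/events/application",
    "/api/v2/events/dataexport/events/audit",
}

# Constructed inventory; field names are hypothetical, not a Netskope export format.
ROLES = {
    "siem-reader": set(NEEDED),
    "broad-api": NEEDED | {"/api/v2/placeholder/other-endpoint"},
    "half-mapped": {"/api/v2/events/dataexport/events/audit"},
}
SERVICE_ACCOUNTS = [
    {"name": "siem-export", "role": "siem-reader", "token_expires": date(2026, 3, 1)},
    {"name": "legacy-sync", "role": "broad-api", "token_expires": date(2025, 12, 1)},
    {"name": "audit-pull", "role": "half-mapped", "token_expires": date(2026, 9, 1)},
]


def review(account, roles, needed, today, warn_days=30):
    """Return (finding, detail) tuples for one service account."""
    granted = roles[account["role"]]
    findings = []
    if needed - granted:   # integration calls an endpoint the role does not grant
        findings.append(("missing-endpoint", sorted(needed - granted)))
    if granted - needed:   # role is broader than the integration requires
        findings.append(("excess-endpoint", sorted(granted - needed)))
    days_left = (account["token_expires"] - today).days
    if days_left < 0:
        findings.append(("token-expired", account["token_expires"].isoformat()))
    elif days_left <= warn_days:
        findings.append(("token-expiring", account["token_expires"].isoformat()))
    return findings


def review_all(today):
    """Map each service account name to its findings."""
    return {a["name"]: review(a, ROLES, NEEDED, today) for a in SERVICE_ACCOUNTS}


if __name__ == "__main__":
    for name, findings in review_all(date(2026, 2, 15)).items():
        print(name, findings or "ok")
```
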
Great news! If you missed our live session on the Cloud Exchange v6.0 Updates & Customer/Partner Enablement Session—or want to review the content—the recording is now available!

Product Management Director Agasthiamani Sankaran walked through the critical updates, including:
- What's NEW in v6.0: New features and value proposition.
- Performance & Cost Optimization.
- Upgrade & Migration Path guidance.
- CE Product Life Cycle overview for long-term planning.

Click here for recording: Partners, Customers
The best method for communicating a support request with Netskope is via the Netskope Support Portal which is available to Netskope customers.
If you or a member of your team does not have access, please email support@netskope.com and we'll get you set up.
You can always reach out to our support team via email at support@netskope.com. To best handle your request, please provide the following information: