Introduction
This guide is designed for users who want to enable Dark Web ID integration with Autotask. It walks you through a step-by-step integration process.
Integration Overview
The functionality is a significant Dark Web ID enhancement that leverages integration with Autotask.
- This integration improves customers' ability to manage compromises by creating a PSA ticket within Autotask for each new compromise. This allows users to more easily track, manage, and remediate compromises as they are alerted.
Prerequisites
- You must have access to both Dark Web ID and Autotask accounts.
To Get Started
Enter your credentials on the Autotask page and click LOG IN.
Instructions to Configure Autotask
The below section covers the step-by-step Autotask configuration permissions workflow.
Create API user for Autotask
To create an API user for Autotask, follow these steps:
1. Go to Hamburger menu > Admin > Commonly Used > Resources (Users).
2. Click the drop-down menu next to the + New button and select New API User.
3. Fill in the required fields in the API Tracking Identifier section, and select ID Agent - Identity Management in the Integration Vendor field.
You can create a new Username (Key) and Password (Secret) if needed.
You can generate the API key if you feel a breach/security attack might occur or want to use the new security key as a proactive security measure.
4. Click Save & Close. This will add a new API user to the application.
Enabling Integration
To enable Dark Web ID integration with Autotask, follow these steps:
1. Log in to the Dark Web ID.
2. On the Partner Dashboard page, navigate to the left panel and click Integrations.
3. Click New Integration under the PSA tab to define your ticketing integration.
4. This page shows the available integration services. Select the AutoTask service from the New Integration drop-down menu.
5. Name your integration on the Create Integration page and enter your Autotask login credentials (login to Autotask):
- Autotask API version: The region is selected to identify your Autotask API version. It is recommended to use the 1.6 version.
- Enter your Autotask username and password.
- Click Save.
6. You will see the Autotask authentication successful message as shown.
7. Make sure to edit your organization names to match them across both products. The Dark Web ID organization titles should exactly match Autotask account names.
8. Populate required content as it should map to Autotask service ticket fields. Use the Dark Web ID tokens to add context to your service tickets.
Note: One Dark Web ID SMB organization can only be mapped to one Autotask service ticket.
Available Dark Web ID Tokens
[uuid] UUID (text) – Dark Web ID's unique identifier for the compromise
[password] Password Hit (text (255)) – The password hit associated with the compromise
[obscured_password] Password Hit (Obscured) (text (255)) – The password hit related to the compromise is obscured with asterisks after the first four characters.
[record_type] Record Type (text (255)) – The type of record monitored: Email, Domain, or IP
[Source] Source (text (255)) – The record source as reported in Dark Web ID
[website] Website (text (255)) – The record website as reported by Dark Web ID
[organization_name] Organization Name (text (255)) – The name of the organization to which the compromise belongs
[compromise] Compromise (text (255)) – The record compromise as reported in Dark Web ID
[password_criteria] Password Criteria (text (255)) – An indication of whether the compromised password meets the organization's password criteria: 'N/A' 'Matches' 'Doesn't Match'
[search_value] Email Domain / IP Address (text (255)) – The email or IP address found by Dark Web ID [date_added] Date Added (Date) – The date the compromise was added to Dark Web ID. [date_found] Date Found (Date) – The date the compromise was found.
9. Add additional fields as necessary.
Available Autotask Fields
Account (integer)
Account Physical Location (integer) Allocation Code Name (integer) Contract Service Bundle ID (Long) Contract Service ID (long)
Creator Type (integer
First Response Assigned Resource (integer) First Response Date Time (DateTime)
First Response Initiating Resource (integer) Hours to be Scheduled (double)
Monitor ID (integer) Monitor Type ID (integer)
Ticket End Date (DateTime)
Ticket Estimated Hours (double) External Ticket ID (String)
Ticket ID (long) Ticket Issue (Integer)
Ticket Number (String)
Resolution Plan Date Time (DateTime) Resolution Plan Due Date Time (DateTime) Resolved Due Date Time (DateTime) Resource (integer)
Resource Role Name (integer) Service Level Agreement ID (integer) Ticket Category (integer)
Ticket Contact (integer)
Ticket Creation Date (DateTime) Ticket Creator (integer)
Ticket Department Name OR Ticket Queue Name (integer)
Ticket Description (string)
Ticket Source (Integer)
Ticket Status (integer)
Ticket Subisshe Type (integer)
Ticket Title (String)
Ticket Type (integer)
Purchase Order Number (string)
Ticket Priority (Integer)
10. Save Your Integration: In the lower-right corner of the page, click Save or Save And Submit A Test Compromise for your configuration. This option will populate a service ticket as you've constructed here with test data in your Autotask platform. If you receive an error upon saving, check your field mapping and try again. Contact support@idagent.com if you experience any unexpected behavior.
Health Indicators: There are two Health statuses for Integrations. Healthy, represented by a tick mark, means your most recent integration request was successful! Unhealthy, represented by a cross mark X, means that your most recent integration request was unsuccessful or resulted in an error. This status will persist until a successful integration request is completed.
Note: An integration is marked unhealthy after the fifth unsuccessful consecutive attempt. The error will be shown on the Edit screen.
Status indicators: You can turn your integration on/off using the toggle button.
You can edit an integration using the edit icon, and the delete icon will completely delete your integration.
11. Associate Organizations with Integrations: You can edit an existing organization or add a new organization. Organizations can be associated with multiple integrations, and any new SMBs will be dynamically mapped with the company on the Autotask side. Still, you must enable integration on the SMB edit page to send compromises for those integrations. A count of associated organizations is displayed in the Integrations table.
12. Enable your Integration: Integrations are turned off by default. You can enable your integration using the toggle button.
After that, all new compromises imported to Dark Web ID will attempt to create a service ticket with the associated platform. Turning off an integration will cease the attempts to generate service tickets with the associated platform.
Note: You can turn your integrations on or off at any time.
14. Enable Integration on SMB: Once you enable the integration toggle button on the Integrations page, you must enable it on the SMB edit page for compromises to send this SMB organization.
- You can go to the SMB edit page.
- You can scroll down to view the Associated Integration section.
- Select the Autotask Integration (or given Integration Title) check box and click Save.
Important: If an organization is disabled, monitoring of the domains continues and the integration remains active. PSA notifications will still be generated, but email notifications will not be sent to this organization. If it is necessary to prevent PSA tickets from being created, in the Associated Integrations section, clear the Autotask Integration (or given Integration Title) check box.
You can view the list of active organizations connected to Autotask on the Integration page.