Dedicated API Integration Account in PSA


PSA allows you to create API-only access user types for the purpose of Oauth Integrations with other apps.  A user-less alternative is available with no license consumption on the account. 


  1. Create a new employee in HR > Employees
  2. Choose the User Type as Api Employee


Important! API users will no longer be enforced for MFA. If your tenant has "Require MFA for non-SSO users" set to "Yes", the API user will be able to generate the access token. 


  • API Employee account can be used to set up integrations between any app that uses OAuth
  • API Employee account will not be able to login to the user interface, user password cannot be manually reset.
  • API Employee user types cannot be edited.
  • It won't consume any license from your subscription. 
  • Users with API employee type will be listed only under HR > Employees
  • Existing users with Employee or External Employee user types cannot be changed to API Employee.
  • API Employee user type cannot have an external security role. The system will throw an error. 
    • Error! Cannot add external roles to internal users.
  • These users can be used for the token generation with 3rd party apps using Basic authentication. mceclip1.png

Basic authentication

API token access can be granted to the API Employee account.  Users with non Administrator roles will have to enable API Access in Admin> Security > Roles > Admin. This will allow these users to use the account for a token generation with API integrations or any third-party apps like Postman. mceclip1.png

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us