Configuring BMS API credentials for RocketCyber integration

It is important to ensure that the BMS API user credentials that are used in RocketCyber have the correct permissions to create and modify tickets, as well as the ability to retrieve Customer information (for mapping purposes). 

 

There are two ways to ensure your user has the correct permssions: 

  1. Ensure you use a user that has Administrator level Security Role, as well as the API Access permission (less secure).
  2. Create an API-Employee user that has the specific permissions needed (most secure). 

Create an API-Employee with the correct permissions in Kaseya BMS 

 

You can create an API-Employee type in Kaseya BMS to use with your RocketCyber integration. This user type will not consume a license in BMS. 

While granting them the Administrator role will allow this user to create and update tickets, it is recommended to create a new Security role following the “least privilege” principle to only allow the API user to read account information and create and update tickets.  

 

In BMS, create a new security role under Admin > Security > Roles 

 blobid0.png

 

Click Save and the Permissions Screen will load (If you are editing an existing user, select the user and Edit). Expand the corresponding sections in the below table and assign permissions to the user 

blobid1.png

Section Module Name View Modify Delete
Home My tickets x x  
Service Desk Tickets x x  
CRM Accounts x    
Admin Service Desk x x  
Admin(Special Features) Has API Access Check the box    

 

Save the role permissions.  Now, you can either assign this role to an existing API user that you wish to use, or you can create a new API-Employee User and assign the newly created role.

 

Creating an API-Employee with the created role

 

Once the role has been created, now you can add an API-Employee user and assign them the Role you just created. 

 

Navigate to the HR tab and select Employees on the left nav menu

blobid2.png

 

Create New employee 

blobid3.png

 Select User Type: API-Employee 

Security roles: Assign the Security Role you created in the first steps

 

Note: You must use a valid email address when creating the API user, and it must be unique, as an invite email will be sent to create a password. Alternatively, you can also click the Reset and Send Instructions button to send the password reset email. 

 

Once this is done, you are now ready to configure your integration in RocketCyber. 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us
Provide feedback for the Documentation team!