Configuring Kaseya BMS integration with Dark Web ID

PERMISSIONS  In Dark Web ID, default security level of Administrator. In Kaseya BMS, role of Administrator.

NAVIGATION  Integrations > New Integration > Kaseya BMS

Permissions

IMPORTANT  You must have access to both Dark Web ID and Kaseya BMS accounts. You must be an admin in both accounts to configure the integration. If you have more than one security level, ensure Administrator is selected as your default security level.

Overview

The Dark Web ID integration with Kaseya Business Management Solution (Kaseya BMS) allows compromised credentials detected by Dark Web ID to automatically create service tickets in the Kaseya BMS. This helps your team investigate and respond to potential credential exposure using familiar ticketing workflows.

The integration is designed to ensure that security findings are visible, actionable, and tracked, without requiring constant monitoring of the Dark Web ID portal.

What happens when the integration Is enabled

Once the integration is active:

  • Dark Web ID continues to monitor email addresses and domains for potential exposure on the dark web.

  • When a new compromise is detected, Dark Web ID automatically sends the alert to Kaseya BMS.

  • A service ticket is created in Kaseya BMS for the affected organization.

This allows your team to manage dark web exposure events the same way they manage other incidents or service requests.

How to...

1. Log in to Dark Web ID

2. From the side navigation menu, click Integrations.

3. Under the PSA tab, click New Integration.

4. Select Kaseya BMS from the New Integration drop-down menu.

5. On the Create Integration page, enter a name for the integration.

NOTE   You can create multiple Kaseya BMS integrations. Use clear names to distinguish them.

  • Enter the following required information under Credentials:

    Field Description
    Your Kaseya BMS URL Choose the base URL you use to access Kaseya BMS in your browser. Example: bms.kaseya.com
    Your Kaseya username The Kaseya BMS user account that Dark Web ID will use to create tickets.
    Your Kaseya password The password for the Kaseya BMS user account specified above.
    Your Kaseya company Your company name that you use to log in to your Kaseya BMS account.

NOTE   All fields are required in order to complete the integration setup. If your organizations are between multiple managed sites, you must set up separate Kaseya BMS integrations.

  • Click Save. A success message confirms authentication

Under Ticket Conditions, you can configure rules that control when BMS tickets are created.

  • Select Do not send PSA ticket if no password is found to prevent ticket creation for compromises that do not include a password. This reduces ticket noise and ensures only that actionable incidents generate BMS tickets.

  • The Enable processing of IP address–related compromises to PSA integration checkbox allows IP address–related compromises to be sent to BMS.

Default behavior:

  • Both ticket conditions are disabled by default. In this state, only email and domain compromises (with or without passwords) are sent to Kaseya BMS; IP address-related compromises are excluded.

When enabled:

  • IP address–related compromises are also created as Kaseya BMS tickets.

The Kaseya Company Mapping section allows you to align Kaseya BMS company names with Dark Web ID organization names so that compromises are sent to the correct company in Kaseya BMS.

This section displays three columns that help identify and resolve naming mismatches between the two systems:

  • Kaseya Account Names: Lists companies retrieved from Kaseya BMS.

  • Matched Organizations: Shows companies that already have a matching Dark Web ID organization name. No action is required for matched entries.

  • Non‑Matching Organizations: Displays Kaseya BMS companies that do not currently match any Dark Web ID organization.

Resolving non‑matching organizations

For companies listed under Non‑Matching Organizations, click Edit to modify either the Kaseya BMS company name or the Dark Web ID organization name so they match. Once the names align, the company moves into the Matched Organizations column. The Dark Web ID Organization title should match the Kaseya BMS company names exactly. Please make sure organization names don't contain leading or trailing spaces.

NOTE  Tickets are created only for matched companies. If a company is unmapped, no tickets are created—even though it may appear in the Total Kaseya Accounts count, which includes all companies retrieved from Kaseya BMS regardless of match status. Each Dark Web ID SMB organization can be associated with only one Kaseya BMS integration.

The Field Mappings section defines how Dark Web ID compromise data is written into specific Kaseya BMS service ticket fields when a PSA ticket is created. In this section, you can map Kaseya BMS ticket fields to Dark Web ID tokens, which dynamically populate ticket content with relevant compromise details.

Adding a field mapping

Click + Add Field Mapping to create a new mapping.

NOTE   Content values may be trimmed to the maximum character length supported by the selected Kaseya BMS field.

Required field mappings

Eight required fields are provided by default to support Kaseya BMS ticket creation. These mappings correspond to core Kaseya BMS service ticket fields and must remain configured for the integration to function correctly.

  • Catchall Account (integer)

  • Catchall Location (integer)

  • Ticket Source (Integer)

  • Ticket Type (integer)

  • Title (string)

  • Details (string)

  • Status (integer)

  • Priority (integer)

These required mappings are pre-configured and visible in the Field Mappings section.

After the required mappings are in place, you can add additional field mappings as needed to customize ticket content.

IMPORTANT  Incorrect or missing mappings can cause ticket creation to fail, and changes take effect immediately after you save them.

Catchall Account mapping

The Catchall Account mapping applies to the required Kaseya BMS Catchall Account (integer) field and defines which Kaseya BMS company is used when a matching Dark Web ID organization cannot be found.

If no organization match exists:

  • The service ticket is still created.

  • The selected Catchall Account is assigned to the ticket.

This ensures compromises are not dropped due to unmatched organization names.

Using tokens

The Token table on the right side of the page lists all available Dark Web ID tokens and their descriptions. These tokens can be inserted into the available fields to dynamically populate tickets.

Tokens appear in square brackets (for example, [record_type]) and are replaced with real data when the ticket is generated.

Example: Details field mapping

In the screenshot, the Details (String 100) field is mapped with the following content: [password_criteria] [pii] [password].

How this works:

  • [password_criteria] [pii] [password] are Dark Web ID tokens.

  • When a ticket is created, [password_criteria] [pii] [password]are automatically replaced with actual data.

This ensures each ticket summary clearly identifies the affected organization without requiring manual updates.

Where available tokens come from

The Token and Token Description columns on the right side of the page show all available Dark Web ID tokens and explain what each one represents. You can reference this list at any time while building field mappings.

  • [uuid]: Dark Web ID's unique identifier for the compromise. (text)

  • [password]: The password hit associated with the Compromise [This does not include IP address related compromises]. (text (255))

  • [obscured_password]: The password hit associated with the Compromise obscured with asterisks after the first four characters. (text (255))

  • [record_type]: The type of record monitored: Email, Domain, or IP. (text (255))

  • [source]: The record source as reported in Dark Web ID. (text (255))

  • [origin]: The record website as reported by Dark Web ID. (text (255))

  • [organization_name]: The name of the Organization to which the Compromise belongs. (text (255))

  • [compromise]: The record compromise as reported in Dark Web ID. (text (255))

  • [password_criteria]: An indication of whether the Compromised Password meets the Organization’s Password Criteria: ‘N/A’ ‘Matches’ ‘Doesn’t Match‘. (text (255))

  • [search_value]: The Email or IP Address found by Dark Web ID. (text (255))

  • [date_added]: The date on which the Compromise was added to Dark Web ID. (date)

  • [date_found]: The date on which the Compromise was found. (date)

  • [pii]: The Personal Identifiable Information found. (text (255))

To save and test the integration, click Save or Save And Submit A Test Compromise in the lower-right corner of the page to validate your configuration.

A test ticket will be created in Kaseya BMS using sample data. If the test is successful, you will see the following confirmation message:

If you encounter any errors, please review the field mappings and permissions. For further assistance, contact support@idagent.com.

Each integration displays a health status:

  • Healthy (✓): This indicates that your most recent integration request was successful.

  • Unhealthy (✗): This indicates that your most recent integration request was unsuccessful or encountered an error. This status will remain until a successful integration request is completed.

NOTE  Integration is marked unhealthy after the fifth unsuccessful consecutive attempt. The errors will be shown on the Edit Integration screen.

You can edit the integration using the edit icon, and the delete icon will completely delete your integration.

  • Integrations are disabled by default. You can enable your integration using the toggle button.

  • After clicking the toggle, you will be prompted to enable the integration. Click Enable to activate the ConnectWise integration.

Enabling the integration globally is not sufficient—you must also enable it per SMB.

There are two ways to edit an organization and manage its integrations:

  • From the Organizations page

  • From the Integrations page

Both methods are supported.

Enable an integration from the Organizations page

1. Open the Organizations page from the side navigation menu.

2. Open the organization’s actions menu (three dots) and select Edit.

3. Scroll to the Associated Integrations section.

4. Select the Kaseya BMS Integration (or your given integration title) checkbox and click Save.

Enable an integration from the Integrations page

1. Open the Integrations page from the side navigation menu.

2. Locate the Kaseya BMS integration and click the pencil icon to edit it.

3. Click Edit to open the SMB Edit page of the organization you wish to modify.

4. Scroll down to view the Associated Integrations section.

5. Select the Kaseya BMS Integration (or your given integration title) checkbox and click Save.

IMPORTANT  If an organization is disabled, monitoring will continue, and the integration will remain active. While PSA notifications will still be generated, email notifications will not be sent to this organization. If you need to prevent PSA tickets from being created, you can do so by clearing the checkbox for the Kaseya BMS Integration (or the specific integration title) in the Associated Integrations section.

You can view the number of organizations linked to Kaseya BMS on the Integrations page.