Configuring Autotask

This guide is designed for users who want to enable Dark Web ID integration with Autotask. It walks you through a step-by-step integration process.

Integration overview

The functionality is a significant Dark Web ID enhancement that leverages integration with Autotask. It improves customers' ability to manage compromises by creating a PSA ticket within Autotask for each new compromise. This allows users to more easily track, manage, and remediate compromises as they are alerted.

Prerequisites

You must have access to both Dark Web ID and Autotask accounts.

Instructions

To configure Autotask for importing organizations and automatically creating tickets, follow these steps:

1. Ensure you have all the necessary API Credentials. For guidance, refer to Creating an API User in Autotask.

2. Navigate to the left panel and click Integrations.

3. Click New Integration under the PSA tab, and then select Autotask.

4. On the Create Integration page, you can perform the following actions:

Integration Title: You may either keep the existing integration name or edit it to your preference.

Credentials:
- Autotask API version: The region is selected to identify your Autotask API version. It is recommended to use the 1.6 version.
- Enter the saved Username (Key) and Password (Secret) from Step 1 into the Autotask Username and Autotask Password fields, respectively.
Click Save.

5. You will see the Autotask authentication successful message as shown.

6. The Ticket Conditions section features a checkbox labeled Do not send PSA ticket if no password is found. This option allows users to control the creation of PSA tickets based on password discovery results. When this checkbox is selected, the system will refrain from generating a ticket if no compromised passwords are detected during the scan. This helps to reduce ticket clutter and ensures that only relevant security incidents result in a new PSA ticket, thereby streamlining the ticket management process.

7. Make sure to edit your organization names to match them across both products. The Dark Web ID organization titles should exactly match Autotask account names.

8. Populate required content as it should map to Autotask service ticket fields. Use the Dark Web ID tokens to add context to your service tickets.

NOTE One Dark Web ID SMB organization can only be mapped to one Autotask service ticket.

Available Dark Web ID tokens

[uuid] UUID (text) : Dark Web ID's unique identifier for the compromise

[password] Password Hit (text (255)) : The password hit associated with the compromise

[obscured_password] Password Hit (Obscured) (text (255)) : The password hit related to the compromise is obscured with asterisks after the first four characters.

[record_type] Record Type (text (255)) : The type of record monitored: Email, Domain, or IP

[Source] Source (text (255)) : The record source as reported in Dark Web ID

[website] Website (text (255)) : The record website as reported by Dark Web ID

[organization_name] Organization Name (text (255)) : The name of the organization to which the compromise belongs

[compromise] Compromise (text (255)) : The record compromise as reported in Dark Web ID

[password_criteria] Password Criteria (text (255)) : An indication of whether the compromised password meets the organization's password criteria: 'N/A' 'Matches' 'Doesn't Match'

[search_value] Email Domain / IP Address (text (255)) : The email or IP address found by Dark Web ID

[date_added] Date Added (Date) : The date the compromise was added to Dark Web ID.

[date_found] Date Found (Date) : The date the compromise was found.

[pii]: The Personal Identifiable Information found.

9. Add additional fields as necessary.

Available Autotask Fields

Account (integer)

Account Physical Location (integer) Allocation Code Name (integer) Contract Service Bundle ID (Long) Contract Service ID (long)

Creator Type (integer)

First Response Assigned Resource (integer) First Response Date Time (DateTime)

First Response Initiating Resource (integer) Hours to be Scheduled (double)

Monitor ID (integer) Monitor Type ID (integer)

Ticket End Date (DateTime)

Ticket Estimated Hours (double) External Ticket ID (String)

Ticket ID (long) Ticket Issue (Integer)

Ticket Number (String)

Resolution Plan Date Time (DateTime) Resolution Plan Due Date Time (DateTime) Resolved Due Date Time (DateTime) Resource (integer)

Resource Role Name (integer) Service Level Agreement ID (integer) Ticket Category (integer)

Ticket Contact (integer)

Ticket Creation Date (DateTime) Ticket Creator (integer)

Ticket Department Name OR Ticket Queue Name (integer)

Ticket Description (string)

Ticket Source (Integer)

Ticket Status (integer)

Ticket Subissue Type (integer)

Ticket Title (String)

Ticket Type (integer)

Purchase Order Number (string)

Ticket Priority (Integer)

10. Save Your Integration: In the lower-right corner of the page, click Save or Save And Submit A Test Compromise for your configuration. This option will populate a service ticket as you've constructed here with test data in your Autotask platform. If you receive an error upon saving, check your field mapping and try again. Contact support@idagent.com if you experience any unexpected behavior.

Health Indicators: There are two Health statuses for Integrations. Healthy, represented by a tick mark, means your most recent integration request was successful.

Unhealthy, represented by a cross mark X, means that your most recent integration request was unsuccessful or resulted in an error. This status will persist until a successful integration request is completed.

NOTE An integration is marked unhealthy after the fifth unsuccessful consecutive attempt. The error will be shown on the Edit screen.

You can edit an integration using the edit icon, and the delete icon will completely delete your integration.

11. Associate Organizations with Integrations: You can edit an existing organization or add a new organization. Organizations can be associated with multiple integrations, and any new SMBs will be dynamically mapped with the company on the Autotask side. Still, you must enable integration on the SMB edit page to send compromises for those integrations. A count of associated organizations is displayed in the Integrations table.

12. Enable your Integration: Integrations are turned off by default. You can enable your integration using the toggle button.

After clicking the toggle, you will be prompted to enable the integration. Click Enable to activate the Autotask integration.

The status bar turns blue when the integration is enabled.

After that, all new compromises imported to Dark Web ID will attempt to create a service ticket with the associated platform. Turning off an integration will cease the attempts to generate service tickets with the associated platform.

NOTE You can turn your integrations on or off at any time.

13. Enable Integration on SMB: Once you enable the integration toggle button on the Integrations page, you must enable it on the SMB edit page for compromises to send this SMB organization.

Go to the SMB edit page.
Scroll down to view the Associated Integrations section.
Select the Autotask Integration (or given Integration Title) checkbox and click Save.

IMPORTANT If an organization is disabled, monitoring of the domains continues and the integration remains active. PSA notifications will still be generated, but email notifications will not be sent to this organization. If it is necessary to prevent PSA tickets from being created, in the Associated Integrations section, clear the Autotask Integration (or given Integration Title) check box.

You can view the list of active organizations connected to Autotask on the Integrations page.

	Need help? Submit a Kaseya Helpdesk request.
	Want to talk about it? Head over to Kaseya Community.
	Have a new feature idea? Visit the Kaseya Ideas portal.
	Provide feedback for the Documentation team.