Least Privileges for HaloPSA Integration
Least permission required for the Agent in HaloPSA Integration setup in the ConnectSecure portal
Please login to HaloPSA and follow the below steps.
Click on Configuration on the Home Page.
Click Agents under Teams & Agents.
Click on New to add a new agent.
Enter the Agent Username and click on Is an API-only Agent.
After filling in the above details, Select the Agents Default Team and Work Hours from the dropdown and Save it.
A new agent is created, for e.g. – TesthaloIntegration (As shown below). Then, Click on New agent (e.g.- TesthaloIntegration).
Then, click on the edit option and click on Permissions to set up the required permissions for that agent.
Assign only the specified permissions as below:
Ticket Access Level – Read and Modify
Client Access Level – Read and Modify
Users Access Level – Read and Modify
Assign only the specified Ticket permissions as below:
Can add new tickets - Yes
Can edit closed Tickets – Yes
Can view unassigned Tickets – Yes
Can view Tickets that are assigned to other Agents – Yes
Can change a Ticket’s Ticket type – Yes
Can re-assign Tickets – Yes
Can assign to Agents in Teams the Agent is not a member of – Yes
Can edit Tickets which are not assigned to them – Yes
Can override maximum priority escalation a ticket type level – Yes
Can override Ticket Review Processing – Yes
Can use the Treat as Spam button and edit action visibility for users – Yes
Can export tickets – Yes
Please navigate to Department & Teams.
Here all the Teams (e.g.- 1st Line Support,2nd Line Support..)can be added to the Agent that is created so that the agent will be available under all the selected teams. This will get the read access to all the teams specified. While configuring the create team in the ConnectSecure portal please assign the team to the new tickets that will be created through the ConnectSecure portal.
Add Teams using the Edit option as shown below.
Add the selected Agent to the team from the dropdown.
After adding the Team, we have the option to delete or edit it.
Least permission required for Application in HaloPSA Integration setup in the ConnectSecure portal:
Please login to HaloPSA and follow the below steps.
Click on Configuration on the Home Page.
Click on Integration under Advanced.
Navigate to HaloPSA API in the left menu and select View Application.
Click on a new Application to create and add a new application.
Add details like Application Name, select Authentication method as Client ID and Secret(services). Please copy the Client ID and Client Secret values so as to be used under ConnectSecure HaloPSA Integration.
Select login type as Agent and select the created agent from the drop-down under Agent to log in as. Once selected, click on Save.
Click on the Application that you have created, for e.g. Cybertest.
After going to the Application (e.g. cybertest), go to Permissions for that application and Edit to give only three Permissions as Read tickets, Edit tickets, and Read customers as Yes.
Navigate to Configuration-> Integration->HaloPSA API->Permissions
Allow the API permissions related to the assets under Halo PSA.
Navigate to Assets->All Assets->Overview under HaloPSA.
After adding the permissions in HaloPSA Integration and enabling the configuration under Company mapping of CyberCNS, assets will be created in Halopsa if they do NOT exist in HaloPSA OR the updates from the CyberCNS assets will be added to existing configuration under HaloPSA.
If a ticket is generated, Additional details will be added to the asset.
If the asset is not created in Halo PSA, it will be created in HaloPSA and linked to the ticket details. For manual creation of tickets, it will also update the corresponding asset.
This completes the Permissions required for Agents and Applications in the HaloPSA Integration setup.