The integration described in this guide uses webhooks to allow EPM to automatically send JIT Application Notifications using SendGrid.
Important
Third-party documentation is subject to change. Updates might not be reflected in BeyondTrust documentation. For the most up-to-date information, visit SendGrid.com.
Requirements
-
Access to a BeyondTrust site with an EPM app
-
An account with privileges to create webhook integrations
-
Access to SendGrid with administrative rights to create api keys.
Note
For more information, see SendGrid Documentation .
Create a SendGrid API Key
-
Log in to the SendGrid app portal.
-
Click Email API > Integration Guide
-
Click Choose under Web API
-
Click Choose next to cURL
-
Under Create an API Key
-
Enter a Key Name
-
Click Create Key
-
Copy the API Key for later use in EPM
-
Execute the curl command.
-
This will send a email via the API for testing. You must use the validated email in the from address field
-
-
Click I've executed the code above.
-
Click Next: Verify Integration
-
Click Verify Integration
-
This will check to see if the email was sent properly
-
Create a webhook integration for SendGrid
-
Go to EPM > Settings
The EPM page displays the available system settings. -
Click Webhook Settings.
The Webhook Settings page displays. -
Click Create Webhook.
The Create Webhook page displays. -
To create the webhook, use the following:
-
Webhook Name: Enter a name
-
Webhook URL: Enter SendGrid integration URL. (ie https://api.sendgrid.com/v3/mail/send)
-
Event: JIT Application Access Ticket Created
-
Content Type: application/json
-
Authentication Type: Custom
-
Token: Enter the integration API Key from SendGrid. Prepended by Bearer<SPACE>(ie Bearer <<SENDGRID_API_KEY>>).
-
Template: Use the following test webhook JSON template to test the connection and send a webhook to SendGrid. After a successful test with the static test data, the template can be configured. Create or change the fields and add variables as per your requirements.
-
{
"personalizations": "{
"to": "{
"email": "jit.app.notification.list@example.com"
}]
}],
"from": {
"email": "send.grid.sender@example.com"
},
"subject": "JIT Application Access Request",
"content": "{
"type": "text/plain",
"value": "A request to execute %%FilePathObjectId%% by %%User%% has been received. You can view the application at https://example.pm.beyondtrustcloud.com/jit-access-management/jit-access/details/%%EpmId%%"
}]
}
Note
The from email address must be in the list of verified sender in SendGrid.
For more information, see SendGrid Documentation .