The integration described in this guide uses webhooks to allow EPM to automatically send JIT Application Notifications using Zendesk.
Important
Third-party documentation is subject to change. Updates might not be reflected in BeyondTrust documentation. For the most up-to-date information, visit Zendesk's Creating webhooks to interact with third-party systems documentation.
Requirements
-
Admin access to Zendesk for service solution
-
A Zendesk user account is assigned to a team member with the Agent Support role
-
API Token access in the Zendesk API
-
Access to a site with EPM
-
An EPM account with administrator privileges
Configure Zendesk for integration
Create a team member with an Agent Support role
Log in to the Zendesk admin portal, and follow these steps to create a team member:
-
In the left menu, click People.
-
Under Team, click Team Members.
-
Click Create team member.
-
Enter a username. This name is used for creating the webhook in BeyondTrust EPM.
-
Assign the Agent role to this user.
Add an API token
-
In the left menu, click Apps and Integrations.
-
Under APIs, click Zendesk API.
-
Click the Settings tab, if necessary, and enable Token access, if necessary.
-
Click Add API token.
-
Enter API token description as EPM, and copy the API token. This token is used for creating the webhook in BeyondTrust EPM.
-
Click Save
Create a webhook integration for Slack
-
Go to EPM > Settings
The EPM page displays the available system settings. -
Click Webhook Settings.
The Webhook Settings page displays. -
Click Create Webhook.
The Create Webhook page displays. -
To create the webhook, use the following:
-
Webhook Name: Enter a name
-
Webhook URL: Enter Zendesk URL. (ie
http://youraccount.zendesk.com/api/v2/tickets) -
Event: JIT Application Access Ticket Created
-
Content Type: application/json
-
Authentication Type: BASIC
-
Authentication Username: The agent username created in Zendesk with /token added immediately after it. For example,
maria@email.com/token -
Authentication Password: The API access token created in Zendesk for Insights.
-
Template: Use the following test webhook JSON template to test the connection and send a webhook to Zendesk. After a successful test with the static test data, the template can be configured. Create or change the fields and add variables as per your requirements.
-
Change the id to the custom text field you added in the Zendesk ticket.
-
After a successful test with the static test data, the template can be configured. Create or change the fields and add variables as per your requirements.
-
-
{
"ticket":{
"subject": "JIT Application Access Ticket Created",
"comment":{
"body":"A request to execute %%FilePathObjectId%% by %%User%% has been received. You can view the application at https://example.pm.beyondtrustcloud.com/jit-access-management/jit-access/details/%%EpmId%%"
},
"priority":"urgent",
"type":"incident"
}
}
Note
The from email address must be in the list of verified sender in Slack.
For more information on card formatting, see Slack Documentation .
