How to Set Up an Agent with Minimal HaloPSA Privileges for the Datagate Integration

Datagate Support | June 8, 2023

Read this document for an overview of how to set up an Agent with minimal HaloPSA Privileges for the Datagate integration.

If you have any questions, don’t hesitate to contact the Services Team.

Section 1: If you are synchronizing Customers and exporting invoices only

🚨 Note - Please see Section 2 if you are importing Recurring invoices from HaloPSA (Product sync)

🚨 Important Note - If you are changing privileges, navigate to Settings/ Integrations/ HaloPSA and press "Test Account Access". This will refresh the token and pick up your HaloPSA privilege changes.

1. Create a Role in HaloPSA

From Halo, Configuration, Teams and Agents, Roles. Add a new Role by clicking "New"

• Role Name: You can choose, we recommend "Datagate API Role"
• Agents that have this Role: Leave blank for now

Go to Permissions tab, configure as below:

Tickets Permissions - none required

Calendars and Appointments Permissions - none required

Ticket Type Restrictions - none required

Client Restrictions

Asset Type Restrictions - not used in Datagate

Asset Field Restrictions - not used in Datagate

User Custom field restrictions - not used in Datagate

Appointment Type restrictions - not used in Datagate

Approval Process Permissions - not used in Datagate

Configuration - none required

Miscellaneous Permissions - none required

2. Create an Agent in HaloPSA

Configuration, Teams and Agents, Agents

To create a new Agent for Datagate, press "New"

Set up as below.

Permissions can be inherited from the Role. If the Test fails, please add these permissions as shown.

Section 2: All Privileges Documented

To access HaloPSA, the privileges must be configured at both Application and Agent levels.

Application Level Permissions

The following permissions on the Application level is required in HaloPSA to perform the integration flows:

• Customers sync:

  • read:customers

• Products sync:

  • read:customers

  • read:invoices

  • read:items

  • read:assets

• Service Items (Assets) sync:

  • read:customers

  • read:assets

• Invoice Export - Multiline:

  • read:customers

  • read:items

  • read:invoices

  • edit:invoices

• Invoice Export - Charges:

  • read:customers

  • read:items

  • read:invoices

  • edit:invoices

Agent Level Permissions

The following permissions on the User (Agent) level is required in HaloPSA to perform the integration flows:

• Customers sync:

  • Clients Access Level: Read

• Products / Service Items sync:

  • Clients Access Level: Read

  • Invoices Access Level: Read

  • Items Access Level: Read

• Service Items (Assets) sync:

  • Clients Access Level: Read

  • Assets Access Level: Read

  • Asset Type Restrictions: Allow use of all Asset Types = Yes

  • Asset Field Restrictions: Allow use of all Asset Fields = Yes

• Invoice Export - Multiline:

  • Clients Access Level: Read

  • Items Access Level: Read

  • Invoices Access Level: Read, Create, Modify and Delete

• Invoice Export - Charges:

  • Clients Access Level: Read

  • Items Access Level: Read

  • Invoices Access Level: Read, Create, Modify and Delete