Skip to main content

Impersonation

The Autotask API provides a method to impersonate an Autotask contact or resource (user) when creating tickets, ticket notes, and other API entities. When receiving an API call with contact or resource impersonation, Autotask will accept the API call as if the impersonated contact or resource made the request (as opposed to listing the call as being performed by the API integration user).

By using this impersonation feature, MSPintegrations can make Autotask API calls that create tickets, ticket notes, and other Autotask entities so that the Autotask user-interface shows that they were created by someone other than MSPintegrations.

Use-Case for Impersonation

Impersonation is useful for improving the end-user experience in Autotask. By impersonating the person who took the action that caused MSPintegrations to create a ticket, ticket note, or other Autotask entity, the Autotask user-interface will display the name of the person who took that action and the user who is responsible for the entity being created instead of the system that actually created the entity.

For example, if you use MSPintegrations to create Autotask Tickets from incoming emails, it is more useful for the ticket to display the name of the email sender as the "creator" of the ticket instead of simply displaying the name of your MSPintegrations Autotask API user.

Example Tickets

For example, compare the following two tickets. Both tickets were created by MSPintegrations using the Autotask API.

In this first ticket, "impersonation" was not used and the ticket shows that it was created by the Autotask user "API MSPintegrations". This is not helpful to an Autotask user who wants to determine who created the ticket.

autotask_impersonation_1

In this second example, "impersonation" was used and the ticket shows that it was created by a contact, and not by MSPintegrations. When viewing this ticket in the Autotask interface, the name of the person who caused the ticket to be created will be more useful than the name of the Autotask API user used by MSPintegrations.

autotask_impersonation_2

Using Impersonation

To initiate an API call to Autotask with contact or resource impersonation, you should populate the appropriate field for the call. Each Autotask database entity may have a different name for the impersonation field, but it will typically be similar to CreatedByContactID, CreatedByResourceID or AttachedByContactID.

Requirements

The following requirements must be met for Autotask impersonation to work correctly:

  1. The API user must be configured with a security level that allows impersonation. See our documentation on creating Autotask API security levels.
  2. If impersonating an Autotask resource (a user who has a login to the Autotask system), that resource itself must be associated to a security level that allows it to be impersonated. In Autotask, edit the security level(s) associated to any resources who you'd like to impersonate and confirm the checkbox is enabled for Allow impersonation of resources with this security level: autotask_impersonation_setting_for_user_security_levels