Capabilities
| Resource | Sync | Provision |
|---|---|---|
| Resources (users) | ||
| Contacts | ||
| Roles | ||
| Departments | ||
| Security levels |
Tickets records for C1 provisioning tasks.
The connector also emits the following access grants:
- Role assignments — which resources are assigned to each role (from the
ResourceRolesjoin entity). - Department membership — which resources belong to each department (from the
ResourceRolesjoin entity). - Security-level assignments — which resources hold each security level (from
the
Resources.userTypefield).
Gather Autotask credentials
In Autotask, create (or copy) a resource with the API User (API-only)
security level. Note its user name (an email address such as
apiuser@example.com) and password (secret).On the API user’s Resource Management > Security tab, assign or generate
an API tracking identifier (integration code). API-only users cannot log
in to the UI, so have an HR-security-level user retrieve it for you.
Determine your zone-specific REST API base URL. Autotask hosts each tenant
in a geographic zone with its own host name. Issue the unauthenticated
zone-discovery request (replace the user with your API user name):The response includes a Use the
url field, for example:url value as the connector Base URL (the connector trims any
trailing slash automatically).Configuration fields
| Field | Required | Secret | Description |
|---|---|---|---|
| API User Name | Yes | No | The API-only user name (email), sent in the Username header and used for zone discovery. |
| API Secret | Yes | Yes | The API-only user’s secret (password), sent in the Secret header. |
| API Integration Code | Yes | No | The API tracking identifier, sent in the ApiIntegrationCode header. |
| Base URL | Yes | No | The zone-specific REST base URL discovered above (e.g. https://webservices3.autotask.net/atservicesrest). |
Username, Secret, ApiIntegrationCode). Only the secret rides the
encrypted auth slot; the user name and integration code are non-secret
identifiers.
Configure the Autotask connector
- Cloud-hosted
- Self-hosted
Follow these instructions to use a built-in, no-code connector hosted by C1.Done. Your Autotask connector is now pulling access data into C1.
Enter the Autotask credentials:
- API User Name: the API-only user’s email.
- API Secret: the API-only user’s secret.
- API Integration Code: the API tracking identifier.
- Base URL: the zone-specific REST base URL from zone discovery.
Optional. If you want C1 to create Autotask tickets for manual
provisioning tasks, click Enable external ticket provisioning.
Configure external ticketing
After enabling external ticket provisioning on the connector, configure Autotask as an external ticketing provider in C1.Optionally map tenant-specific fields such as Priority, Status,
Ticket Type, Ticket Category, Queue, Assigned Resource ID,
Assigned Resource Role ID, Contact ID, Due Date, and
External ID. Picklist fields are loaded from Autotask’s
Tickets/entityInformation/fields endpoint, so their available values match
the configured tenant.Limitations and notes
- No self-serve sandbox. Autotask does not offer a self-serve developer sandbox, so live validation requires real tenant credentials.
- Pagination and rate limits. Query responses return at most 500 records per
page; the connector follows the
pageDetails.nextPageUrllink until it is null. Autotask enforces a tenant-wide limit of 10,000 API calls per hour shared across all integrations, so the connector retries transient and rate-limited responses with backoff. - Security levels. Autotask has no queryable
SecurityLevelsentity. Security levels are synced from the picklist values of theResources.userTypefield (retrieved viaResources/entityInformation/fields), and security-level assignments are derived from each resource’suserTypevalue. (The original request referred to this field assecurityLevelID; the official REST field name isuserType.) - Ticket creation. External ticket provisioning creates Autotask
Ticketsrecords. The connector does not update or close Autotask tickets directly; C1 tracks provider state through the configured external-ticketing status mappings. - Read-only access sync. This connector syncs identity and access data and can create external tickets. It does not provision grants or accounts directly.