Kaseya REST API Overview

The Kaseya REST API comprises a set of client initiated HTTP URI requests that return corresponding responses from a specified Kaseya Server. The Kaseya REST API enables 3rd party applications to integrate with the Kaseya Server and execute many of the same tasks that a VSA user does while working within the VSA.

Resource URIs

Supported URIs are used to access resources. REST URIs are usually organized by static keywords called methods and namespaces. The basic format shown in documentation is:

GET /system/users

GET is the method;
system is the namespace;
users is a subcategory of the parent namespace.

When you enter the complete format in your browser, the URI looks like this:

http://<yourVSA>/api/v1.0/system/users

A supported URI may require an additional dynamic token, indicated in documentation using curly brackets. The basic format shown in documentation looks like this:

GET /system/users/{userId}

When you enter the complete format in your browser, without the curly brackets, the URI looks like this.

http://<yourVSA>/api/v1.0/system/users/89049122543

Model Schema

A model schema identifies the fields and datatypes returned by a single record in a response. Each resource topic shows the model schema it uses.

General Purpose Resources

The Kaseya REST API includes the following general purpose resources:

auth - Requests a sessionToken that can be used in subsequent requests.
echo - Tests the API connection with the target Kaseya Server.

Authentication

Password Authorization

Authentication is required to process almost all requests and is typically the first request. The Auth request requires a username, password, and a randomly generated number to return a session token. Subsequent requests include the following line in the header section of the request, without the curly brackets:

Authorization: Bearer {SessionToken}

The scope assigned the authenticated user you use to create the session token limits access to a partition, organizations, machine groups and agents, the same as any other user.

NOTE The Password Authentication is deprecated and will be removed from VSA as of October 2021.

Personal Token Authorization

The Personal Token Auth provides a more secure way to process requests without using the user's passwords. Subsequent requests include the following line in the header section of the request, without the curly brackets:

Authorization: Bearer {SessionToken}

REST API Tools

There are many free REST API tools you can use to experiment with creating Kaseya REST API API requests and seeing the responses that are returned. Recommended tools include Postman, Fiddler and Swagger.io.

In This Chapter

Request Guidelines

Sample Request and Response

Filter, Sort and Paging Expressions

Authentication

Sample VSA REST API Client

Deprecated Resources

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!