Changing Passwords Used by External Applications
External Applications and Authentication Using the Web Service API
External applications can be integrated to the VSA via the Web Service API. These external applications can be provided by independent software vendors (ISVs) such as Autotask, ConnectWise, or Tigerpaw. External applications can also be developed by consulting firms, or any organization with technical expertise. To use the Web Service API, external applications must be programmed to authenticate using a valid VSA user name and password.
V6.2 Password Changes that Impact External Applications
VSA v6.1 and prior versions used a SHA-1 algorithm to hash passwords. Therefore, external applications that were compatible with v6.1 used an authentication method based on SHA-1. Beginning with v6.2, a SHA-256 algorithm is used to hash any password that is created under v6.2. Passwords created in prior versions of the VSA remain hashed with SHA-1 until such time as the password is changed or the user is renamed at which point the password is hashed using SHA-256. External applications that were used with v6.1 must be updated, via a programming change, to support SHA-256 passwords in v6.2.
Updating External Applications and Passwords
If you used v6.1 or a prior version of the VSA with an external application, ensure the compatibility of the credential being using. Kaseya recommends arranging to get an updated version of the external application that is compatible with VSA v6.2. Until then, following the procedure for Creating a New SHA-1 Credential for a Legacy External Application described below can be used to maintain compatibility with third party applications.
IMPORTANT Changing a password used by a legacy external application will disable the integration until either the external application is updated to use the required SHA-256 hashing algorithm or a new SHA-1 credential is created and implemented. Ensure passwords used by external applications are not changed before the update is implemented.
If you used v6.1 or a prior version of the VSA with an external application provided by an ISV or other party:
- Contact the ISV or party who developed the external application.
- Request an updated version of the external application.
- Implement the updated version of the external application.
- At this point, you can change the password or rename the account used by the external application.
For ISVs or parties responsible for the development of external applications
- Refer to the Hashing Algorithm section of the Authenticate topic in online help. This section provides instructions on how to update the external application to be compatible with VSA v6.2, while also retaining compatibility with prior versions of the VSA.
- Implement the required programming change to the external application.
Creating a New SHA-1 Credential for a Legacy External Application
If you are running VSA v6.2 or later, and need to create an SHA-1 username and password that is compatible with a legacy external application, and that has not yet been updated to be compatible with v6.2 passwords, use one of the following procedures. You can either create a new master user and password, or reset just the password of an existing master user.
NOTE You must have administrator privileges on the Kaseya Server. For security reasons, you cannot perform the following procedure remotely.
Creating a New Master User Account
- Log in to the machine running the Kaseya Server.
- Access the following web page:
http://localhost/localAuth/setAccountV61.asp
- Enter a new account name in the Master User Name field.
- Enter a password in the Enter Password field and confirm it by re-typing it in the Confirm Password field.
- Enter an email address in the Email Address.
- Click Create.
The external application can now be updated to use the new user account and SHA-1 password to connect to the VSA.
Reset the Password of an Existing Master User Account
NOTE The master user account cannot be disabled.
- Log in to the machine running the Kaseya Server.
- Access the following web page:
http://localhost/localAuth/setAccountV61.asp
- Enter an existing, enabled master account user name in the Master User Name field.
- Enter a password in the Enter Password field and confirm it by re-typing it in the Confirm Password field.
- Skip the Email Address. You cannot reset the email address of an existing user using this web page.
- Click Create.
The external application can now be updated to use the new SHA-1 password to connect to the VSA.