KaseyaOne integration with Datto Partner Portal

ENVIRONMENT: Datto Partner Portal, KaseyaOne

To integrate KaseyaOne with Datto Partner Portal, a KaseyaOne Master user must provide each user an individual account for KaseyaOne. The Master user must also link the Datto Partner Portal platform to KaseyaOne (refer to Enable Unified Login). Doing this will allow users to:

  • Access the Datto Partner Portal module from KaseyaOne.

  • View Cooper Intelligence Engine insights for Datto Partner Portal in KaseyaOne.

  • Log in to Datto Partner Portal with their Unified Login credentials.

The Unified Login features that the Master user can configure for the Datto Partner Portal are:

Prerequisites

  • A Datto Partner Portal account with Security Admin privileges

  • A KaseyaOne account with Master permissions

IMPORTANT  The Portal and the KaseyaOne user accounts must be associated with the same email address or username.

Configure Log In with KaseyaOne for your organization as follows to use Unified Login (Log In with KaseyaOne) to access the Datto Partner Portal:

  1. Log into the Datto Partner Portal and navigate to Admin > Security Settings.

  2. Go to the Single Sign-on (SSO) section of the page that shows the KaseyaOne logo and click Enable Login with KaseyaOne.

  3. When prompted, log in to KaseyaOne: 

    1. Enter the Username and Company Name for your KaseyaOne account and then click Next

    2. Enter the Password for your KaseyaOne account and then click Log In.

    3. Enter your two-factor authentication (2FA) token when prompted and click Verify.

      Upon successful verification, you will be logged in to KaseyaOne. Unified Login for Datto Partner Portal is now enabled.

      NOTE  Push multi-factor authentication (MFA) is also available for Unified Login. After you set up push MFA for your KaseyaOne account, it will be the default method used to verify your identity when accessing your KaseyaOne account. Two-factor authentication (2FA) will continue to be available as usual. Refer to Set up push multi-factor authentication for Unified Login.

    Unified Login (Log In with KaseyaOne) is now enabled for Datto Partner Portal:

After Unified Login is enabled for Datto Partner Portal

All users with accounts in both KaseyaOne and the Partner Portal will be able to use their KaseyaOne login credentials to access the module.

  • In KaseyaOne, the Datto Portal will appear in the My Modules list.

  • From KaseyaOne, you will be able to access the Datto Partner portal and will see the KaseyaOne App Launcher icon on the application banner when you log in to the Partner Portal.

  • In Datto Partner Portal, click App Launcher and you will see a list of the modules enabled for Unified Login under the My IT Complete heading; click the KaseyaOne link to open KaseyaOne.

Multiple tenants

If a KaseyaOne account is linked to two different Datto Partner Portal companies and you are logging in with your KaseyaOne credentials, you must choose which account to open.


The steps to log in to Datto Partner Portal using Log In with KaseyaOne credentials are:

  1. On the Datto Partner Portal login screen, click Log In with KaseyaOne.

  2. If you're already logged in to KaseyaOne, you will automatically be logged in to the Partner Portal using Unified Login (Log In with KaseyaOne) credentials at this step.

  3. If you're not already logged in to KaseyaOne, the KaseyaOne log in prompt appears.

    • Enter the Username and Company Name for your KaseyaOne account and then click Next.

    • Enter the Password for your KaseyaOne account and then click Log In.

    • Enter your two-factor authentication (2FA) token when prompted and click Verify.
      Upon successful verification, you will be logged in to KaseyaOne and the Datto Partner Portal will open.

Configure Require Log In with KaseyaOne for your organization as follows to force users to log in to Datto Partner Portal with their KaseyaOne Unified Login credentials only. Users with exceptions will still be able to log in using their local module-specific credentials.

NOTE  Security Admins and Primary users will be exempt from this feature, if enabled. To prevent account lockouts, they will always be allowed to use their Datto Partner Portal credentials to log in to the Partner Portal.

Accounts using one email address for multiple Resellers or MSPs will also be exempt from this feature, if enabled. They will always be allowed to use their Datto Partner Portal credentials to log in to the Partner Portal.

  1. Log into the Datto Partner Portal and navigate to Admin > Security Settings.

  2. Go to the Single Sign-on (SSO) section of the page that shows the KaseyaOne logo and make sure that KaseyaOne SSO is enabled.

  3. In the Require Log In with KaseyaOne section, turn on the Require Log In with KaseyaOne toggle to enable the feature. Turning off the toggle disables the feature, allowing users to log in to the Partner Portal with either their KaseyaOne Unified Login credentials or their local authentication.

  4. Under User Exceptions (this section appears only after you turn on the Require Log In with KaseyaOne toggle):

    • Click Add (the plus icon) next to each user who will be exempt from the Require Log In with KaseyaOne condition if enabled. The value in the corresponding Exception field changes to Yes.

    • Click Delete (the dustbin icon) next to a user to remove that user from the exceptions list. The value in the corresponding Exception field changes to No.

    By default, no users will be exempt (Exception = No for all users by default).

Configure Automatic User Provisioning for Datto Partner Portal as follows to allow just-in-time user provisioning for the module where module user accounts will be created automatically, with a specified default role, whenever new KaseyaOne users are granted access to Datto Partner Portal.

  1. Log into the Datto Partner Portal and navigate to Admin > Security Settings.

  2. Go to the Single Sign-on (SSO) section of the page that shows the KaseyaOne logo and make sure that KaseyaOne SSO is enabled.

  3. In the Automatic User Creation section, turn on the Enable Automatic User Creation toggle to enable the feature.

  4. Under Select default role for JIT implementation, click the drop-down arrow and select the default Datto Partner Portal role to assign to new KaseyaOne users. For security reasons, select a lower level of access as the default role.

Configure Automatic User Deprovisioning for Datto Partner Portal as follows to allow just-in-time user deprovisioning for the module where Datto Partner Portal users will be deactivated or deleted when they are deactivated or deleted in KaseyaOne.

  1. Log into the Datto Partner Portal and navigate to Admin > Security Settings.

  2. Go to the Single Sign-on (SSO) section of the page that shows the KaseyaOne logo and make sure that KaseyaOne SSO is enabled.

  3. In the Automatic User Deactivation section, turn on the Enable Automatic User Deactivation toggle to enable the feature.

  4. Click Save.

    When a user created in KaseyaOne is deactivated or deleted, that user will now be deactivated or deleted in the Datto Partner Portal.