Integration with NinjaRMM

Would like to see an integration with NinjaOne/NinjaRMM. Research in NinjaOne’s Discord’s #api channel seems to indicate that running ephemeral scripts through Ninja’s API is not currently possible and they aren’t super amenable to adding the feature (from a security standpoint), but that doesn’t negate the request, just probably delays it.

Ninja, DattoRmm and Kaseya are similar in that they don’t allow you to upload your own scripts from the API but they’ll let you execute existing scripts. Our plan is to give users a generic script that runs the ephemeral agent and accepts parameters like your backend URL and the ephemeral session id. They’ll plug the ID of that script into the RMM configuration and we’ll use the API to run that script when we need to establish a connection.

Very nice, that sounds like a clever workaround that doesn’t require big companies to change what they’re doing, and honestly it’s a more secure option IMO!

+1. I’ve been very involved with Ninja and am happy to elevate this with our rep and my regular communications with Gavin.

+1 for this. Anything that allows us to leverage ImmyBot within Ninja is appreciated.

+1 for this. Some way of executing scripts within Ninja RMM would be life changing. Immy is great for creating schedules but we don’t want our L1 guys to go to Immy for deployment of apps one-off, so if they can execute it through Ninja somehow, it will be much appreciated.

It’s definitely not my decision, but I don’t see Ninja doing anything to integrate with Immy. I simply don’t see the value or use case, other than telling your techs to stay in Ninja.

HOWEVER, it is technically possible to leverage the ImmyBot API to trigger an ad-hoc execution of scripts, software installations, or tasks. If you know how to use browser dev tools, you can see the API calls to make by triggering ImmyBot to do the things you want to actually do, and then essentially duplicate the API calls.

Thanks @DimitriRodis. Perhaps I misunderstood the feature request for integration. All good if that’s not something Immy Bot can do. I have already logged a feature request with Ninja to allow integration with Immy Bot so let’s see who can work some magic first.

Not looking to play with API/development work ourselves and that’s the reason we buy tools to avoid getting involved in dev work which is not our area of expertise.

This sounds excellent. Can’t wait for this to be implemented. Thanks Darren.

@Muhammad_Luqman this is the existing feature request for Ninja. We have removed your duplicate request.

Feel welcome to vote/add any comments on this existing request.

Darren made some great progress on this today on the monthly Roundtable! I’m sure it will take some time to fully flesh out but given that the live proof of concept worked it’s an exciting step!

NinjaRMM has been released in Alpha today!

Very cool! I do see it in my integrations list; however I’ve not been able to successfully configure it yet. The directions are not detailed enough (doesn’t specify the Redirect URI to use, if any, and also doesn’t provide the necessary Scopes or Allowed Grant Types when creating the NinjaRMM API key). I got it to request consent once but it failed; the other times it doesn’t get that far:

    New-OauthConsentParameter:
    Line |
      58 |  New-OAuthConsentParameter -Name OAuthInfo `
         |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         | The request URI contains an invalid name: oauth-client-secret-REDACTED Status: 400 (Bad Request) ErrorCode: BadParameter

(Also this is with the Region being manually set to “app”; if I use the “Default to ‘app’” setting, it fails entirely:

    New-OauthConsentParameter:
    Line |
      60 |  … zationEndpoint "https://$($Region).ninjarmm.com/ws/oauth/authorize" `
         |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         | Cannot bind parameter 'AuthorizationEndpoint'. Cannot convert value "https://.ninjarmm.com/ws/oauth/authorize" to type "System.Uri". Error: "Invalid URI: The hostname could not be parsed."

so the default seems to not be working either.)

Even if it then says “Healthy” at the top, the Clients tab shows the error Sync failed: RefreshToken and IntegrationContext.RefreshToken are both null. and doesn’t display anything, and there’s no consent prompt. This is with the manual “app” region, and also selecting all scopes and grant types and using my ImmyBot root URL as the Redirect URI.

But I’m excited it’s close after the bugs and docs are worked out a bit!

EDIT: I created an API key with all checked except Authorization Code. This made Redirect URIs optional. ImmyBot took it and asked to Provide Consent. I chose “indefinite” and clicked Consent, but it went to a 404 Redirect URI not found error. I added my ImmyBot tenant root URL as well as the URI of the integration as Redirect URIs in Ninja (after blank didn’t work), and in both cases get the same error. So the integration instructions aren’t providing the correct Redirect URI to save in Ninja’s config as far as I can tell? The 404 error I get is at https://app.ninjarmm.com/ws/oauth/error?error=unauthorized_client&error_description=Invalid+redirect_uri with the JSON error { "resultCode": "FAILURE", "errorMessage": "HTTP 404 Not Found", "incidentId": "WEB_MGMT_SERVICE-[REDACTED]" }

The docs were a bit rushed, I will make changes in the next few days. The redirect uri is visible in one of the screenshots though, just your immy instance with /consent-callback.

Regarding the refresh, the script doesn’t make it entirely clear, but it happens in the backend when using New-OAuthConsentParameter. That’s why it takes the token endpoint as well.
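
The two setup failures discussed above, an empty region producing https://.ninjarmm.com/ws/oauth/authorize and a redirect URI other than the instance URL with /consent-callback, can be caught before any consent request is made. The following PowerShell is an added example, not ImmyBot's integration script and not part of the original posts; the function names, the region pattern and the sample instance URL are assumptions.

```powershell
# Added example. Resolve-NinjaRegion and Get-NinjaOAuthSettings are hypothetical
# helper names; they do not exist in ImmyBot or NinjaOne.
function Resolve-NinjaRegion {
    param([string]$Region)
    # An empty setting is the case that yielded "https://.ninjarmm.com/..." above,
    # so fall back to 'app' explicitly instead of interpolating an empty string.
    if ([string]::IsNullOrWhiteSpace($Region)) { return 'app' }
    $r = $Region.Trim().ToLowerInvariant()
    # Accept a single DNS label only (assumed pattern). The value becomes part of
    # the OAuth host name, so dots, slashes and '@' must never get through.
    if ($r -notmatch '^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$') {
        throw "Region '$Region' is not a valid single host label."
    }
    return $r
}

function Get-NinjaOAuthSettings {
    param(
        [string]$Region,
        [Parameter(Mandatory)][string]$ImmyInstanceUrl
    )
    $r = Resolve-NinjaRegion -Region $Region

    # Same endpoint shape as the integration script's error output shows.
    $authorize = $null
    $candidate = "https://$($r).ninjarmm.com/ws/oauth/authorize"
    if (-not [uri]::TryCreate($candidate, [UriKind]::Absolute, [ref]$authorize)) {
        throw "Could not build an authorization endpoint from region '$r'."
    }

    # The redirect URI to register in Ninja is the instance root plus
    # /consent-callback, not the tenant root and not the integration page URL.
    $base = $null
    if (-not [uri]::TryCreate($ImmyInstanceUrl, [UriKind]::Absolute, [ref]$base) -or
        $base.Scheme -ne 'https') {
        throw "Instance URL '$ImmyInstanceUrl' must be an absolute https URL."
    }
    [pscustomobject]@{
        Region                = $r
        AuthorizationEndpoint = $authorize.AbsoluteUri
        RedirectUri           = "https://$($base.Authority)/consent-callback"
    }
}

# Constructed sample input: blank region, instance URL pasted with a page path.
Get-NinjaOAuthSettings -Region '' -ImmyInstanceUrl 'https://example.immy.bot/integrations/1'
```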

Thanks–there are no docs right now (at least, not integrated into the integration setup). I found /consent-callback from searching and finding that for the Microsoft integration, but I already tried it and get the same error. I just re-created the API token again using all the checkboxes and that Redirect URI from the start, and it doesn’t even get as far as consent again, seems like if I check Authorization Code it doesn’t allow me to even attempt to consent. But like I said–it’s not documented at all, so I’m just guessing and going from the tiny text under the ClientID box.

Oh there are docs at NinjaRMM Dynamic Integration | immy.bot I see, I assumed if the embedded version wasn’t visible in the integration setup they did not exist. You know what they say about assumptions… :smiley:

The docs have a different script than the one shown in the integration config (slightly–the one in the docs seems more robust), but it does have the API info for creating a new key, I will give it a shot!

Also had to go turn Advanced Install Options to ON, I had to turn it off for prior ImmyBot integration to work. There could also be an issue with how the installer is generated based on a beta I’m in with Ninja, but we’ll cross that bridge later…

Yay it works! Or at least, I can now link clients, haven’t done more than that yet :slight_smile:

I am not sure what I am doing wrong. I have everything on the Ninja side correct according to the documentation but it’s still reporting back unhealthy. The only thing I can think of is when in Ninja, Authorization Code is automatically checked, and I select Refresh Tokens, and then after I save it Authorization Code disappears and Refresh Tokens remains. When I did this, I would get an error on immy’s side that said I didn’t set it up correctly.

EDIT: I created the API on Ninja and didn’t select Refresh Token until after I had generated the Secret Key and the Client ID and put those in the fields in immy.bot.

I tried to authorize, and it didn’t let me. Once I selected Refresh Token, it finally let me authorize.

DOUBLE EDIT: I just saw @dszp did the same thing and posted it above. Sorry I missed it!


Just checked to see if I could start linking clients and got this error.

Has this been resolved? I do recommend using our Discord channel for questions like this, you will likely get a reply sooner. You can also send an email to [email protected], if needed.

Not yet, is the immy.bot discord you are talking about the MSPGeek one or do you guys have a standalone server?