Skip to main content
To enable Neo Agent to interact with your ConnectWise system, you need to create a dedicated security role with the right permissions and then create an API member using that role.
This process involves creating a custom security role called “Neo”, configuring permissions across ConnectWise modules, and setting up API member credentials.

How Neo Agent Permissions Work

Neo Agent uses two layers of access control to keep your ConnectWise data safe:
  1. ConnectWise Security Role (what you configure here) — sets the maximum API access available, just like setting up any technician account.
  2. Neo Agent Dashboard — where you choose exactly what Neo can do. You configure permission groups that control which areas Neo can read, write, or ignore — and whether actions require technician approval first.
Think of it like onboarding a new team member: you give them a security role in ConnectWise so they can access the areas they need, then their manager decides which tasks they actually work on. The ConnectWise role is the ceiling — Neo Agent’s dashboard settings are the actual controls.
Granting API permissions here does not mean Neo Agent will use them all. It simply ensures Neo can operate when you enable a capability in the dashboard. You stay in control of what Neo actually does.

Creating the Security Role and API Member

1

Create a new 'Neo' security role

In ConnectWise, navigate to System → Security Roles and create a new security role for Neo Agent.
Open Security Roles
Add new role
Set the Role ID to Neo and save the role.
Save role
2

Grant read access (Inquire Level)

Set Inquire Level to All for all entries in every module listed below. This gives Neo Agent the ability to look up information across your ConnectWise system — read access alone does not allow any modifications.
Security ModuleInquire Level
Service DeskAll (all entries)
CompaniesAll (all entries)
Time & ExpenseAll (all entries)
ProjectAll (all entries)
FinanceAll (all entries)
ProcurementAll (all entries)
SalesAll (all entries)
MarketingAll (all entries)
SystemAll (all entries)
Neo Agent needs broad read access to provide accurate context when resolving tickets — looking up company details, checking SLA coverage, finding related configurations, reviewing agreements, and referencing system metadata. Read-only access is safe and helps Neo make better decisions.
3

Grant write access (Add and Edit Levels)

Set Add Level and Edit Level to All for the specific entries listed below. These are the core areas Neo Agent needs to resolve tickets, manage time, and handle day-to-day operations.

Service Desk

EntryAdd LevelEdit Level
Service TicketsAllAll
Close Service TicketsAllAll
Service Ticket - DependenciesAllAll
Merge TicketsAllAll
Resource SchedulingAllAll
Knowledge Base CreatorAllAll
Ticket TemplatesAllAll

Companies

EntryAdd LevelEdit Level
Company MaintenanceAllAll
ConfigurationsAllAll
ContactsAllAll
Manage AttachmentsAllAll
ManagementAllAll
NotesAllAll

Time & Expense

EntryAdd LevelEdit Level
Time EntryAllAll
Time Entry Billable OptionAllAll

Project

EntryAdd LevelEdit Level
Close Project TicketsAllAll
Close ProjectsAllAll
Project HeadersAllAll
Project NotesAllAll
Project Ticket - DependenciesAllAll
Project Ticket TasksAllAll
Project TicketsAllAll

Finance

EntryAdd LevelEdit Level
AgreementsAllAll
Billing View TimeAllAll

Procurement

EntryAdd LevelEdit Level
ProductsAllAll
Product CatalogAllAll

System

EntryAdd LevelEdit Level
My CompanyAllAll
Table SetupAllAll
Sensitive areas — left read-only intentionally. The following entries should keep Add, Edit, and Delete levels at None. Neo Agent does not need write access to these areas, and leaving them read-only protects your financial records and security settings:
  • Finance: Invoicing, Invoice Approval, Billing Rate Maintenance, Accounting Interface, Agreement Invoicing, Billing Reconciliation, Company Finance, Expense Reimbursements
  • Procurement: Purchase Orders, Purchasing Approvals
  • System: Member Maintenance, Security Roles, Add Licenses
  • Sales: All entries (Opportunity, Sales Orders, Sales Funnel, etc.)
  • Marketing: All entries (Campaigns, Marketing Groups, etc.)
You can grant write access to these areas later if needed — for example, if you want Neo Agent to manage sales opportunities or create purchase orders.
4

Grant delete access for schedule entries

Delete permissions are only needed for one specific entry:
Security ModuleEntryDelete Level
Service DeskResource SchedulingAll
This allows Neo Agent to manage schedule entries (e.g., rescheduling or removing technician appointments). No other delete permissions are required.
5

Create API member and generate keys

Create the API Member using your newly configured security role:
  1. Navigate to System → Members → API Members
  2. Create a new API member with the following settings:
    • Security Role: Select the “Neo” role you created
    • Email: Set to team@neoagent.io
    • Member ID: Use a descriptive identifier like neo_agent
  3. Generate API credentials:
    • Create API Keys with a description like “Neo-API”
    • You’ll receive both Public and Private keys
Make note of the following information as you’ll need it for the connection setup:
  • API Member identifier (text-based Member ID, e.g., neo_agent)
  • Public Key (acts as username)
  • Private Key (acts as password)

What’s Next?

Once you’ve successfully created the API member with proper permissions, you’re ready to connect it to Neo Agent using the credentials and configuration details from your new API member.
Before proceeding, ensure you have:
  • The API Member identifier (Member ID)
  • The Public Key (username)
  • The Private Key (password)
  • Your ConnectWise PSA URL
  • Your exact company name from the ConnectWise login screen