> ## Documentation Index
> Fetch the complete documentation index at: https://docs.rallied.ai/llms.txt
> Use this file to discover all available pages before exploring further.
# Datto RMM
> Connect Datto RMM so the agent can monitor devices, audit hardware and software, triage alerts, and run quick jobs.
Connect Datto RMM so the agent can list and inspect devices, audit hardware / software / network, triage and resolve alerts, and run quick jobs across every site in your Datto RMM tenant.
Datto RMM is configured in **MSP Settings → Integrations**.
## How to connect
Datto RMM uses a tenant-specific API endpoint plus a single API key. You generate both in the Datto RMM web UI before connecting.
Sign in to your Datto RMM tenant as an administrator. Open **Setup → Users** (or your tenant's API page) and create / enable an API user. Grant the permissions you want the agent to use — Devices, Alerts, Sites, and Jobs at minimum. Copy:
* The **API URL** for your region (e.g. `https://pinotage-api.centrastage.net` or your platform-specific equivalent)
* The **API Key** issued for the API user
In the Rallied.ai dashboard, navigate to **MSP Settings → Integrations**.
Find the Datto RMM card and click **Connect**. Enter:
* **API URL** (`base_url`) — your region-specific Datto RMM API endpoint
* **API Key** — the API key issued for the API user
Rallied.ai stores the credentials and uses the `x-au-api-key` header on every call.
The agent currently uses the v1 Datto RMM API directly with the stored API key — there is no OAuth dance, so the connection stays active as long as the API key is valid. If you rotate the key in Datto RMM, reconnect from **MSP Settings → Integrations**.
## How the agent uses it
When a request touches a Datto-managed endpoint or alert — *"why did the disk-space alert fire on FILE01?"*, *"audit the software on Maria's laptop"*, *"run our reboot quick job on the lobby kiosk"* — the agent typically:
1. Finds the alert with `datto-list-alerts` (optionally scoped to a site), or jumps straight to the device with `datto-list-devices` / `datto-get-device`.
2. Resolves site context with `datto-list-sites` / `datto-get-site` when the request is "all of Acme's servers" style.
3. Digs deeper with `datto-get-device-audit` using `type: "software"`, `"hardware"`, or `"network"` to understand the underlying cause.
4. Runs a remediation with `datto-run-quickjob` (approval-gated) — the `jobName` must match a component already configured in Datto RMM for that device's site.
5. Once the root cause is addressed, dismisses the alert with `datto-resolve-alert` (approval-gated).
Resolving an alert in Datto RMM **does not fix the underlying issue** — the agent is instructed to address the root cause first and only then resolve the alert as bookkeeping.
## Tools
| Tool | Default policy | Description |
| ---------------------------------- | --------------- | --------------------------------------------------------------------------------------- |
| `datto_rmm:datto-list-sites` | Auto | List sites (customer environments) in Datto RMM |
| `datto_rmm:datto-get-site` | Auto | Get details for a specific site |
| `datto_rmm:datto-list-devices` | Auto | List managed devices, optionally filtered by site |
| `datto_rmm:datto-get-device` | Auto | Get full details for a specific device |
| `datto_rmm:datto-get-device-audit` | Auto | Audit a device's `software`, `hardware`, or `network` (or all three) |
| `datto_rmm:datto-list-alerts` | Auto | List open alerts, optionally scoped to a site |
| `datto_rmm:datto-resolve-alert` | Approval needed | Resolve (dismiss) an alert by UID |
| `datto_rmm:datto-run-quickjob` | Approval needed | Run a quick job (named component) on a target device, with optional key-value variables |
## Policies
Datto RMM is an integration. Per-tool policies are configured on the **Datto RMM** integration detail page (open it from **MSP Settings → Integrations**).
See [Policies](/dashboard/policies) for an overview of policy modes.