IT Glue is configured in MSP Settings → Integrations.
How to connect
IT Glue uses API key authentication. You’ll need an API key from your IT Glue account before starting.Generate an IT Glue API key
In IT Glue, go to Account → Settings → API Keys and click Generate a new API key. Give it a recognizable name (e.g.
Rallied Integration) and copy the key — it’s only shown once.Use a key with read-only access if you only want the agent to consult documentation. Use a key with write access if you want the agent to create or update documents and flexible assets through the approval flow.Enter your credentials
Fill in:
- API Key — the key you generated above
- Region — your IT Glue region:
US(api.itglue.com),EU(api.eu.itglue.com), orAU(api.au.itglue.com)
Mapping organizations to clients
IT Glue stores documentation per organization. To use IT Glue with a specific client, map the client to its IT Glue organization on the client’s detail page. Once mapped, every tool call the agent makes against IT Glue is automatically scoped to that organization — there is no risk of pulling another client’s runbook into a response. If a client is not mapped to an IT Glue organization, the agent will not consult IT Glue when handling that client’s requests.What the agent reads
During diagnosis, the agent searches IT Glue for content relevant to the request. The most useful surfaces are:| Surface | Typical content |
|---|---|
| Documents | Runbooks, procedures, “how we do X for client Y” |
| Configurations | Servers, network devices, endpoints, software versions |
| Passwords | Service accounts, admin credentials, shared logins |
| Flexible assets | Custom asset types your team has defined (SSL certs, Office 365 tenants, vendor records, etc.) |
| Contacts | Client-side stakeholders, escalation paths |
Passwords and approval
Passwords retrieved from IT Glue are sensitive. By default, theget-password tool is set to Approval needed — the agent can identify that a password is needed for a step, but cannot retrieve and use it without a technician approving the plan first. You can change this in MSP Settings → Policies or per client.
For especially sensitive operations, you can also require identity verification before the agent uses any retrieved credential.
Tools
| Tool | Default policy | Description |
|---|---|---|
itglue:list-organizations | Auto | List IT Glue organizations available to the API key |
itglue:get-organization | Auto | Get details for a single organization |
itglue:search-documents | Auto | Full-text search across documents in the mapped organization |
itglue:get-document | Auto | Fetch a document by ID, including Markdown body |
itglue:list-configurations | Auto | List configurations (servers, devices, endpoints) for the organization |
itglue:get-configuration | Auto | Fetch full details for a configuration |
itglue:list-flexible-assets | Auto | List flexible asset records of a given type |
itglue:get-flexible-asset | Auto | Fetch full details for a flexible asset |
itglue:list-passwords | Auto | List password records (names and metadata only — no secret values) |
itglue:get-password | Approval needed | Retrieve the actual password value for a record |
itglue:create-document | Approval needed | Create a new document in the organization |
itglue:update-document | Approval needed | Update an existing document |