> ## Documentation Index
> Fetch the complete documentation index at: https://docs.rallied.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# IT Glue

> Connect IT Glue so the agent can read your client documentation, configurations, and passwords during diagnosis.

Connect IT Glue so every client agent can read your existing documentation — runbooks, configurations, passwords, flexible assets — the same way a senior technician would when handling a ticket.

<Note>
  IT Glue is configured in **MSP Settings → Integrations**.
</Note>

## How to connect

IT Glue uses API key authentication. You'll need an API key from your IT Glue account before starting.

<Steps>
  <Step title="Generate an IT Glue API key">
    In IT Glue, go to **Account → Settings → API Keys** and click **Generate a new API key**. Give it a recognizable name (e.g. `Rallied Integration`) and copy the key — it's only shown once.

    Use a key with **read-only** access if you only want the agent to consult documentation. Use a key with **write** access if you want the agent to create or update documents and flexible assets through the approval flow.
  </Step>

  <Step title="Open MSP Integrations">
    In the Rallied.ai dashboard, navigate to **MSP Settings → Integrations**.
  </Step>

  <Step title="Connect IT Glue">
    Find the IT Glue card and click **Connect**. A credentials form appears.
  </Step>

  <Step title="Enter your credentials">
    Fill in:

    * **API Key** — the key you generated above
    * **Region** — your IT Glue region: `US` (`api.itglue.com`), `EU` (`api.eu.itglue.com`), or `AU` (`api.au.itglue.com`)
  </Step>

  <Step title="Save and confirm">
    Click **Save**. Rallied.ai validates the key, fetches your organizations, and imports them as candidate client mappings. The card shows **Connected** when complete.
  </Step>
</Steps>

## Mapping organizations to clients

IT Glue stores documentation per **organization**. To use IT Glue with a specific client, map the client to its IT Glue organization on the client's detail page. Once mapped, every tool call the agent makes against IT Glue is automatically scoped to that organization — there is no risk of pulling another client's runbook into a response.

If a client is not mapped to an IT Glue organization, the agent will not consult IT Glue when handling that client's requests.

## What the agent reads

During diagnosis, the agent searches IT Glue for content relevant to the request. The most useful surfaces are:

| Surface             | Typical content                                                                                |
| ------------------- | ---------------------------------------------------------------------------------------------- |
| **Documents**       | Runbooks, procedures, "how we do X for client Y"                                               |
| **Configurations**  | Servers, network devices, endpoints, software versions                                         |
| **Passwords**       | Service accounts, admin credentials, shared logins                                             |
| **Flexible assets** | Custom asset types your team has defined (SSL certs, Office 365 tenants, vendor records, etc.) |
| **Contacts**        | Client-side stakeholders, escalation paths                                                     |

The agent reasons about what's relevant from the request, fetches matching records, and either uses the information directly or includes it in its internal note for technician review.

## Passwords and approval

Passwords retrieved from IT Glue are sensitive. By default, the `get-password` tool is set to **Approval needed** — the agent can identify *that* a password is needed for a step, but cannot retrieve and use it without a technician approving the plan first. You can change this in **MSP Settings → Policies** or per client.

For especially sensitive operations, you can also require [identity verification](/agents/identity-verification) before the agent uses any retrieved credential.

## Tools

| Tool                          | Default policy  | Description                                                            |
| ----------------------------- | --------------- | ---------------------------------------------------------------------- |
| `itglue:list-organizations`   | Auto            | List IT Glue organizations available to the API key                    |
| `itglue:get-organization`     | Auto            | Get details for a single organization                                  |
| `itglue:search-documents`     | Auto            | Full-text search across documents in the mapped organization           |
| `itglue:get-document`         | Auto            | Fetch a document by ID, including Markdown body                        |
| `itglue:list-configurations`  | Auto            | List configurations (servers, devices, endpoints) for the organization |
| `itglue:get-configuration`    | Auto            | Fetch full details for a configuration                                 |
| `itglue:list-flexible-assets` | Auto            | List flexible asset records of a given type                            |
| `itglue:get-flexible-asset`   | Auto            | Fetch full details for a flexible asset                                |
| `itglue:list-passwords`       | Auto            | List password records (names and metadata only — no secret values)     |
| `itglue:get-password`         | Approval needed | Retrieve the actual password value for a record                        |
| `itglue:create-document`      | Approval needed | Create a new document in the organization                              |
| `itglue:update-document`      | Approval needed | Update an existing document                                            |

Read tools default to **Auto** so the agent can consult documentation freely during diagnosis. Write tools and password retrieval default to **Approval needed**.

## Policies

You can fine-tune IT Glue tool policies from **MSP Settings → Integrations** (open the IT Glue detail page).