Nexthink collects and processes a great deal of information coming from your IT infrastructure. The system is able to monitor the configurations, program installations, application executions, user interactions, network connections and system failures of the machines inside your corporate network. In this way, Nexthink provides you with an employee perspective of what is going on inside your IT infrastructure. This data is highly valuable to any IT department. However, IT departments typically do not use just one tool, but multiple tools for different purposes. The ability to combine the available tools in a convenient way is a key factor in the efficiency of your IT department.
The following documentation describes the built-in mechanisms of Nexthink to interact and share data with third-party tools by means of standard protocols and common interchange formats. Your IT team will then be enabled to build full-blown IT solutions by taking advantage of the monitoring capabilities of Nexthink and integrating them with the third-party software of your choice.
Authentication methods (classic)
User account (classic)
A user account with Data Privacy set to none (full access) and the option Finder access enabled can use the APIs. Refer to the Profiles (classic) documentation for more information.
User credentials are verified with basic HTTP authentication. For a given user, the visibility and info levels are identical to those defined in their profile in Portal.
The basic HTTP authentication can be disabled upon request. Contact Nexthink Support for more information. Please note that basic HTTP authentication is required to use the NXQL editor.
You can configure the Nexthink web interface to grant access to the various APIs using the open standard for access delegation, OAuth:
Steps to authenticate
Create a local user with the appropriate role.
Contact Nexthink Support to get an OAuth client ID and secret key.
Generate an access token by calling
us, and pass the client ID, the secret key and the scope. The valid scopes are the following ones:
"service:engines"(engine list API)
"service:remoteaction"(Remote Action API)
"service:enrichment"(Data Enricher API)
Call the API with the bearer token.