> ## Documentation Index
> Fetch the complete documentation index at: https://docs.neoagent.io/llms.txt
> Use this file to discover all available pages before exploring further.

# PSA API

> How Neo Agents read and write your PSA — tickets, notes, time entries, contacts, and more

Neo Agents act on your PSA through a single API-backed tool — **ConnectWise PSA API**, **Autotask PSA API**, **Halo PSA API**, or **ServiceNow PSA API**, depending on which PSA you've connected. Rather than enabling separate tools for "update ticket fields", "add a note", "merge tickets", and so on, you pick which **permission groups** the agent can use and the matching capabilities turn on at once.

<Info>
  The PSA API tool appears in your agent automatically once you connect a PSA — there's no separate toggle in the tool list. You control what it can do on the workflow's **Integrations** tab.
</Info>

## What It Does

* Read and update tickets — status, priority, type, board/queue, assignee, custom fields
* Add internal notes, detail descriptions, and resolution notes
* Add client-facing notes (which your PSA may deliver as an email to the contact)
* Log time entries, set billable options and work types
* Merge and bundle duplicate or related tickets
* Look up and manage companies, sites, contacts, and configuration items
* Search the product catalog and add line items to tickets
* Manage schedule entries, appointments, and service calls
* Query agreements, SLAs, projects, opportunities, knowledge base articles, and other PSA records
* Reach any endpoint your PSA's API exposes, gated by the permission groups you enable

## Permission Groups

Each PSA integration is split into permission groups — for example **Tickets**, **Ticket Notes**, **Time Entries**, **Contacts**, **Companies**, **Configurations**, **Products**, **Schedule Entries**, **Agreements**, **SLAs**, **Projects**, **Knowledge Base**, **Audit Trail**, and more (the exact set varies by PSA). Every group has an access level:

| Level            | What the agent can do          |
| ---------------- | ------------------------------ |
| **Disabled**     | No access to this category     |
| **Read Only**    | Query and list operations only |
| **Read / Write** | Create and update operations   |

A few groups have extra switches — for example, **Tickets** lets you enable **merge** and **bundle** separately, and lets you whitelist exactly which ticket fields the agent may change. **Delete** is off by default everywhere and must be turned on explicitly per group.

<Tip>
  **Letting the agent change ticket fields:** set the **Tickets** permission group to Read / Write and pick the allowed fields. This replaces the old standalone "Update Ticket Fields" tool. The same applies to notes (**Ticket Notes**), time entries (**Time Entries**), and contacts (**Contacts**).
</Tip>

## Access Profiles

Quick-start profiles configure every permission group at once:

| Profile             | Best for                                                                        |
| ------------------- | ------------------------------------------------------------------------------- |
| **Read Only**       | Monitoring, triage, and reporting agents                                        |
| **Helpdesk**        | Tier 1 agents — status changes, notes, basic ticket updates                     |
| **IT Admin**        | Tier 2/3 agents — full ticket lifecycle, time entries, contacts, configurations |
| **Full Automation** | Fully autonomous agents — all operations, no approval required                  |

## Safety Controls

| Control                    | Behavior                                                                                                               |
| -------------------------- | ---------------------------------------------------------------------------------------------------------------------- |
| **Technician-in-the-Loop** | Require human approval before writes — configurable per permission group                                               |
| **Field-level control**    | Whitelist exactly which ticket and time-entry fields the agent may change                                              |
| **Delete control**         | Delete permissions are off by default and must be explicitly enabled per group                                         |
| **Audited writes**         | Every change is attributed to the API member / service account you connected, so it shows up in your PSA's audit trail |
| **Test mode**              | When test mode is on, the agent plans the writes but doesn't execute them                                              |

## How to Configure

<Steps>
  <Step title="Connect your PSA">
    Set up the integration: [ConnectWise](/integrations/psa/connectwise/overview), [Autotask](/integrations/psa/autotask/overview), [HaloPSA](/integrations/psa/halopsa/overview), or [ServiceNow](/integrations/psa/servicenow/overview).
  </Step>

  <Step title="Choose an access profile">
    On the workflow's **Integrations** tab, pick a quick-start profile or customize each permission group's access level.
  </Step>

  <Step title="Pick allowed ticket fields">
    On the **Tickets** permission group, choose which fields the agent may update (status, priority, type, custom fields, and so on).
  </Step>

  <Step title="Set approval requirements">
    Decide which permission groups require technician approval for writes.
  </Step>
</Steps>

<Tip>
  Start with **Helpdesk** and technician approval on for writes. Watch the agent's actions in [Event History](/product/event-history), then widen the permissions and turn approval off for routine operations as you build confidence.
</Tip>