> ## Documentation Index
> Fetch the complete documentation index at: https://docs.neoagent.io/llms.txt
> Use this file to discover all available pages before exploring further.

# RMM API

> How Neo Agents read your RMM — devices, organizations, software, alerts, and patch state

Neo Agents read your RMM through a single API-backed tool — **NinjaOne RMM API**, **Datto RMM API**, **N-Sight RMM API**, **N-Central RMM API**, **ConnectWise Automate API**, **ConnectWise Asio API**, or **Kaseya VSA X API**, depending on which RMM you've connected. It gives the agent the device and monitoring context it needs to triage tickets, pick the right remediation, and spot upsell opportunities.

<Info>
  The RMM API tool appears in your agent automatically once you connect an RMM — there's no separate toggle in the tool list. You control what it can do on the workflow's **Integrations** tab. To **run scripts** on a device, see [Execute RMM Script](/agents/tools/rmm/run-rmm-script).
</Info>

## What It Does

* Look up devices and their details — OS, last check-in, online status, owner, organization
* Map a ticket's configuration item to the right RMM device
* Check installed software and software inventory
* Read open alerts and monitoring conditions
* Check patch and OS-update status
* Read backup status (where the RMM exposes it)
* Map RMM organizations to your PSA companies
* Reach any endpoint your RMM's API exposes, gated by the permission groups you enable

## Permission Groups

Each RMM integration is split into permission groups — for example **Devices**, **Organizations**, **Software**, **Alerts**, **Automation**, **Backup**, and others (the exact set varies by RMM). Every group has an access level:

| Level            | What the agent can do                                    |
| ---------------- | -------------------------------------------------------- |
| **Disabled**     | No access to this category                               |
| **Read Only**    | Query and list operations only                           |
| **Read / Write** | Create and update operations (where the RMM supports it) |

Most RMM use cases only need **Read Only** — the agent reads device and monitoring state to make decisions, and acts through [Execute RMM Script](/agents/tools/rmm/run-rmm-script).

## Safety Controls

| Control                    | Behavior                                                                 |
| -------------------------- | ------------------------------------------------------------------------ |
| **Read-by-default**        | Start with Read Only — the agent observes, scripts do the acting         |
| **Technician-in-the-Loop** | Require human approval before writes — configurable per permission group |
| **Test mode**              | When test mode is on, the agent plans writes but doesn't execute them    |

## How to Configure

<Steps>
  <Step title="Connect your RMM">
    Set up the integration for [your RMM platform](/integrations/rmm/intro).
  </Step>

  <Step title="Choose permission group access levels">
    On the workflow's **Integrations** tab, set each RMM permission group to Read Only or Read / Write.
  </Step>

  <Step title="Enable script execution if needed">
    Turn on the RMM scripting permission to let the agent find and run scripts — see [Execute RMM Script](/agents/tools/rmm/run-rmm-script).
  </Step>
</Steps>

<Tip>
  Pair the RMM API with your PSA and documentation tools: the agent can read a disk-space alert, check the device age in the RMM, run a cleanup script, and — if the device is old — message the customer about a refresh. That's a maintenance ticket turned into a hardware quote.
</Tip>