# Device42 ### Overview The Device42 integration enables Veza to discover and analyze users, groups, and permissions within your Device42 environment, for insights into your IT asset management and data center infrastructure. The integration supports: * Discovery of Device42 admin users and their properties * Mapping of Device42 admin groups and their members * Analysis of permissions assigned to admin users and groups * Visualization of Device42 data within the Veza platform for comprehensive access governance ### Prerequisites * A Device42 instance with administrator access * API access enabled in your Device42 environment * Veza platform access with permissions to add new integrations ### Configuring Device42 #### Generate API Credentials 1. Log in to your Device42 account as a superuser. 2. Open the **Resources** tab. 3. In the **Secrets** section, click on **API Clients**. 4. Click **Add** to create a new API client. ![Add an API client.](/files/9s9XoKgykxjdQmuSYnuL) 5. Assign a resource owner for the token. 6. Set the Token Time to Live (TTL) for the token. 7. Click **Yes, I saved my keys** to confirm that you have saved your Client Key and Client Secret Key. 8. Click the **Download Credentials** button to retrieve your credentials. Note: Ensure that the user generating the API credentials is a Superuser and has their `is_staff` property set to False. ### Configuring Device42 on the Veza Platform 1. In Veza, use the main menu to open the **Integrations** page. 2. Click **Add Integration** and search for Device42. 3. Click on Device42 and then click **Next**. 4. Enter the required information: | Field | Description | Required | | -------------------------- | ---------------------------------------------------------------------- | -------- | | Device42 URL | URL for Device42 API endpoint including protocol | Yes | | Device42 Client Key | Client key generated in Device42 | Yes | | Device42 Client Secret Key | Client Secret key generated in Device42 | Yes | | Device42 CA Certificate | CA certificate for authentication (if required by the Device42 server) | No | 5. Click **Create Integration** to save the configuration. #### Verifying the Integration 1. To check integration status: 1. On the Veza **Integrations** list, click the integration name to view details. 2. On the details page, review the list of data sources. 3. Use the **Status** column to check if the data source is unavailable or has an error. 4. Click on an individual status to show more details. 2. To view discovered entities: 1. On the Veza **Integrations** list, click **View Dashboard** to show an overview of the entities Veza has discovered. 2. Click an entity type (e.g., Users or Groups) to view the results in **Query Builder**. 3. Review the entities to validate that results and attributes are as expected. ### Supported Entities and Attributes #### Users (Admin Users) | Attribute | Description | | --------------- | ------------------------------------------------ | | `id` | Unique identifier of the user | | `username` | Username of the user | | `name` | Full name of the user (first\_name + last\_name) | | `email` | Email address of the user | | `is_active` | Indicates if the user account is active | | `created_at` | Timestamp of user creation | | `last_login_at` | Timestamp of user's last login | | `is_superuser` | Indicates if the user has superuser privileges | | `is_staff` | Indicates if the user has staff privileges | | `auth_type` | Authentication type (Local or AD) | #### Groups (Admin Groups) | Attribute | Description | | --------- | ------------------------------ | | `id` | Unique identifier of the group | | `name` | Name of the group | ### Built-in Queries The Device42 integration includes pre-configured queries to help you quickly gain insights into your Device42 environment. These queries can be used out-of-the-box or serve as a starting point for more complex analyses: * Monitor the overall number of admin users and groups * Track user activity and identify potentially dormant accounts * Ensure deprovisioning of inactive users * Identify superusers for privileged access management * Correlate Device42 identities with other identity providers for consistent access management #### User-related Queries * **Device42 Admin Users** * Description: All Device42 local admin user accounts * Type: Inventory count * **Device42 Active Admin Users** * Description: Active accounts in Device42 * **Device42 Deactivated Admin Users** * Description: Accounts in Device42 that have been deactivated * **Device42 Admin Users created in the last 24 hours** * Description: Device42 admin users created in the last 24 hours * **Device42 Admin Users not logged in recently** * Description: Number of Device42 admin users with last login 90 days in the past * Type: Inventory count * **Device42 Superusers** * Description: Number of admin users who are Superusers in Device42 #### Group-related Queries * **Device42 Admin Groups** * Description: All Device42 local admin groups * Type: Inventory count * **Device42 Admin Groups with Users** * Description: Device42 admin groups that have users assigned * Type: Inventory count #### Identity Correlation Queries * **Device42 Admin Users Related to Okta Users** * Description: Device42 local admin users with an Okta identity * Type: Inventory count * **Device42 Admin Users Not Related to Okta Users** * Description: Device42 local admin users who do not have an Okta identity * Type: Inventory count * **Device42 Admin Users Related to Azure AD Users** * Description: Device42 local admin users with an Azure AD identity * **Device42 Admin Users Not Related to Azure AD Users** * Description: Device42 local admin users who do not have an Azure AD identity ### Additional Resources * [Official Device42 API Documentation](https://api.device42.com/) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/integrations/integrations/device42.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.