Run or schedule a script with the API

I check the API docs and the community, but didn’t find any way to run or a schedule a script on devices using the API.
I’d like the ability to do this with the API as we have a few automations in place for onboarding and offboarding users and computers and we’d like to incorporate Bitlocker force recovery for our automated user offboarding process.

While I agree it would be nice - I guess the real question is what are you doing that requires use outside of Syncro it self? For example, why not make a on/offboarding script or policy?

We have an offboarding form our client fills out whenever they need to offboard a user. When the offboard form is submitted, it triggers a webhook to our automation platform built with Azure Runbooks and LogicApps. The automation runs actions like disabling the user in Microsoft 365, removing licenses, groups, and other user offboarding tasks.
From there, we’d like for the automation to trigger a script to run on the user’s asset in Syncro to force Bitlocker recovery screen (yes we realize there’s Intune for that component but not all of our clients are licensed for that).

Sounds good, just adding, while this wouldnt be automation for say in terms of just calling an API, you can still make this happen I believe without the need of the API.

For example, your webhook to create an alert with that device (API: RMM Alert) → then using Automated Remediation (Can be used to filter out the different calls - aka, one for off/onboarding users) → Run script → Off/Onboarding task

1 Like

Wow, thanks Travis! While it’s still a workaround, it’s not a bad idea.

I’m happy I posted this, I’ll consider this a solution for now and will try to test your proposed logic.

Hi Travis.
So I’m trying to create the workflow for this using the API to find the Asset linked to that particular contact that we are offboarding, and I see there is an endpoint for getting Customers, Contacts, and assets. For the Assets endpoint, there is a “query” parameter for GET calls. Yet, there is no documentation on the syntax of the query paramater.
For example, I’d like to do something like this:

curl -X GET "" -H "accept: application/json" -H "Authorization: REDACTEDTOKEN"

But that doesn’t seem to work

Nevermind, I figured it out by trying it like so (even though I didn’t see this documented):

curl -X GET "" -H "accept: application/json" -H "Authorization: REDACTEDTOKEN"

Spoke too soon. I was testing that with a customer that only had one asset. Once I moved another asset into it, that request then returned both assets. So looks like I’m still stuck.
There’s gotta be a way in the api to get assets mapped to a specific contact without having to filter through all assets in a specific customer.

So after some tinkering, I got a rough PoC working.
There are some things not well documented with the API, specifically, the RMM Alerts endpoint. There are some properties in the json body that the documentation failed to clearly mention to pass in the body. However, I do see that it shows it in the example response, but that is not clear at first glance and what also is unclear is which of these properties actually map to the "Alert Description that’s used as the condition in the Automation Remediation module.
Here’s what the API shows for the body to pass:

  "customer_id": 0,
  "asset_id": 0,
  "description": "string",
  "resolved": true,
  "status": "string",
  "properties": {
    "subject": "string",
    "body": "string",
    "hidden": true,
    "sms_body": "string",
    "do_not_email": true,
    "tech": "string"

Here’s what you need to pass if you want the description to populate in Syncro and to use that as the “Alert Description” condition in the Automated Remediation module:

    "status":  null,
    "description":  "Offboarding",
    "formatted_output":  "Offboarding",
    "customer_id":  0,
    "properties":  {
                       "trigger":  "Offboarding",
                       "tech":  null,
                       "subject":  "Offboarding",
                       "hidden":  false,
                       "description":  "Offboarding",
                       "body":  "Offboarding",
                       "sms_body":  null,
                       "do_not_email":  true
    "asset_id":  0,
    "resolved":  false

Notice the “formatted_output” in the root of the json, and the “description” and “trigger” properties nested within “properties”.

Without adding those additional properties in the body, the Alert Description failed to populate in the RMM Alert.