It is possible to rotate the TimeZest API user credentials that TimeZest uses to communicate with Autotask. This should be done if there is the slightest suspicion that the credentials have been compromised, and can be done on a regular basis if your security management requires it.
Following this process will allow the API credentials to be rotated with only a very short period where API access will be disrupted. The period of disruption is between steps 7 and 8 in the below procedure, and should only last for a few seconds. We recommend that you do this away from peak times to avoid any problems with clients scheduling.
You will need to be both a TimeZest Administrator and an administrator of your Autotask instance to perform the following steps.
Procedure
In Autotask, go to the main menu, then Admin, then Account Settings & Users.
Click on RESOURCES/USERS (HR), then Resources & Users.
โFind your TimeZest API user, then click Edit in its context menu.
Click Generate Key and Generate Secret, but do not yet press Save.
In TimeZest, in a new browser window, go to Integrations, and then Autotask.
Copy the newly generated key and secret from Autotask to the Username (key) and Password (secret) fields in TimeZest, but do not yet press Save.
Back in Autotask, press Save & Close, and wait for Autotask to confirm that the new credentials have been saved.
In TimeZest, press Save Changes. TimeZest will test that the API key is able to access Autotask, and will save it and use it for all API calls if it does. You will be shown a notification that the update has been successful.