Are you looking to move your TimeZest account from your current PSA to HaloPSA? Follow these instructions first: How can I migrate TimeZest to another PSA?
This article describes how to create a security role in HaloPSA which grants the minimal set of permissions that TimeZest needs to operate.
You'll need to have the Administrator role for your HaloPSA instance to perform these steps.
In HaloPSA, go to Configuration, then Teams & Agents, then Roles.
Select New to create a new role. Give the new role the following permissions:
General Permissions
Is a HaloPSA Administrator: Yes
Feature Access
Tickets Access Level: Read and Modify
Customers Access Level: Read and Modify
Users Access Level: Read and Modify
Calendars and Appointments Access Level: Read and Modify
Sales Access Level: Read and Modify
Ticket Permissions
Can add new tickets: Yes
Can view unassigned tickets: Yes
Can view Tickets that are assigned to other Agents: Yes
Can Re-assign Tickets: Yes
Can Edit Tickets Which Are Not Assigned To Them: Yes
Calendar and Appointments Permissions
Editing of Appointments: Can Edit All Appointments
Adding New Appointments: Can Add All Appointments
Visibility of Appointments: Can View All Appointments
Deleting of Appointments: Can Delete All Appointments
Ticket Type Restrictions
Allow use of all Ticket Types: Yes
Client Restrictions
Allow use of all Customers: Yes
TimeZest only requires the "Is a HaloPSA Administrator" permission for the initial setup, as this permission is required to install the TimeZest custom tab. It can be removed once TimeZest is configured.
Finally, click Save to save the role.
Additional Settings
An additional step to complete before proceeding to the next step of creating an API Agent is to ensure how new users (your clients) are created if they don't yet exist in HaloPSA:
Go to Configuration > Billing > General Settings, scroll down to the Advanced Settings and make sure that Accounts ID on new Customers and Products are mandatory option is not selected.