Merge pull request #51 from squaredup/work/fw/ninjaone-tests

clarkd · web-flow · commit 7ae174c9a760 · 2026-05-26T11:32:10.000+01:00
fix: drop offline_access scope from NinjaOne OAuth, add configValidation
diff --git a/plugins/NinjaOne/v1/configValidation.json b/plugins/NinjaOne/v1/configValidation.json
@@ -0,0 +1,11 @@
+{
+    "steps": [
+        {
+            "displayName": "NinjaOne connection",
+            "dataStream": { "name": "organizations" },
+            "success": "Successfully connected to NinjaOne",
+            "error": "Cannot connect to NinjaOne — verify your Region, Client ID, and Client Secret, and ensure the client app is type 'API Services' with Monitoring, Management, and Control scopes enabled.",
+            "required": true
+        }
+    ]
+}
diff --git a/plugins/NinjaOne/v1/docs/README.md b/plugins/NinjaOne/v1/docs/README.md
@@ -4,18 +4,18 @@ To use this data source, you will need to create OAuth2 API credentials in your
 
 ## Create NinjaOne API Credentials
 
-1. Log in to your NinjaOne portal
-2. Navigate to **Administration** > **API** > **Add Application**
-3. Configure the application:
-    - **Application Name**: Enter a descriptive name (e.g., "SquaredUp Integration")
-    - **Allowed Grant Types**: Ensure "Client Credentials" is enabled
-    - **Scopes**: Select the following scopes:
-        - `monitoring` - Required for device monitoring data
-        - `management` - Required for management operations
-        - `control` - Required for control operations
-        - `offline_access` - Required for refresh tokens
-4. Click **Create Application**
-5. Copy the **Client ID** and **Client Secret** - you will need these when configuring the plugin in SquaredUp
+1. Log in to your NinjaOne portal.
+2. Navigate to **Administration** > **Apps** > **API** and click **Add**.
+3. When prompted to choose an **Application Platform**, select **API Services**. This is what enables the Client Credentials grant type the plugin uses — **there is no separate "Client Credentials" checkbox to tick on the next screen.**
+4. On the **Client app** screen, fill in:
+    - **Name**: A descriptive name (e.g., "SquaredUp Integration").
+    - **Redirect URIs**: `https://app.squaredup.com/settings/pluginsoauth2`
+    - **Scopes**: Tick all three:
+        - `Monitoring` — required for device monitoring data
+        - `Management` — required for management operations
+        - `Control` — required for control operations
+    - **Allowed grant types**: `Refresh token` is **not** required by the plugin and can be left unticked.
+5. Save the application. NinjaOne will then show the **Client ID** and **Client Secret** — copy both, as you'll need them when configuring the plugin in SquaredUp. (The Client Secret is only shown once on creation; if you lose it, use **Generate new secret** to issue a new one.)
 
 ## Configure the Plugin in SquaredUp
 
@@ -77,11 +77,11 @@ This plugin provides the following data streams for monitoring your NinjaOne env
 
 ## Troubleshooting
 
-**Authentication Failed**: Ensure your Client ID and Client Secret are correct and that "Client Credentials" is enabled as an allowed grant type in your NinjaOne API application.
+**Authentication Failed**: Verify your Client ID and Client Secret are correct. Also check that your NinjaOne client app was created with the **API Services** application platform — this is what makes Client Credentials the active grant type. There is no separate "Client Credentials" checkbox in the client app screen; if you picked a different platform (e.g. Web app), the OAuth token request will fail.
 
 **No Data Returned**: Verify that the selected API Region matches your NinjaOne instance region.
 
-**Insufficient Permissions**: Ensure the API application has all required scopes (`monitoring`, `management`, `control`, `offline_access`).
+**Insufficient Permissions**: Ensure the API application has all required scopes (`Monitoring`, `Management`, `Control`).
 
 ## Additional Resources
 
diff --git a/plugins/NinjaOne/v1/metadata.json b/plugins/NinjaOne/v1/metadata.json
@@ -1,7 +1,7 @@
 {
     "name": "ninja-one",
     "displayName": "NinjaOne",
-    "version": "1.1.9",
+    "version": "1.1.10",
     "author": {
         "name": "SquaredUp Labs",
         "type": "labs"
@@ -23,7 +23,7 @@
             "oauth2ClientSecret": "{{clientSecret}}",
             "oauth2TokenUrl": "{{apiBaseUrl}}/oauth/token",
             "oauth2ClientSecretLocationDuringAuth": "body",
-            "oauth2Scope": "monitoring management control offline_access"
+            "oauth2Scope": "monitoring management control"
         }
     },
     "links": [
diff --git a/plugins/NinjaOne/v1/ui.json b/plugins/NinjaOne/v1/ui.json
@@ -35,16 +35,16 @@
         "validation": {
             "required": true
         },
-        "placeholder": "Enter your Client ID"
+        "placeholder": "Enter a Client ID"
     },
     {
         "type": "password",
         "name": "clientSecret",
-        "label": "Client Secret",
-        "help": "Enter the Client Secret from your NinjaOne API credentials",
+        "label": "Client secret",
+        "help": "Enter the Client secret from your NinjaOne API credentials",
         "validation": {
             "required": true
         },
-        "placeholder": "Enter your Client Secret"
+        "placeholder": "Enter a Client secret"
     }
 ]
