Skip to main content

Automox Endpoint Management Integration Setup

This guide walks you through integrating Automox with RAD Security to ingest managed-device inventory and device compliance findings, and to trigger remediation on a device from RAD. Automox is a cloud-native endpoint management platform. RAD Security connects to the Automox API using an API token and pulls device inventory and compliance posture on a scheduled basis to correlate them with your runtime, cloud, and Kubernetes security data.
Read-only ingestion, with one write action: RAD only reads device inventory and compliance from Automox. The single exception is device remediation — RAD can trigger a remediation action on a device through Automox. That action is RBAC-gated (requires tenant write permission) and recorded as an OCSF Device Control Finding.

Prerequisites

Before you begin, ensure you have:
  • An Automox account with API access
  • Permission to create an API key in Automox
  • Your Automox Organization ID
  • Access to a RAD Security workspace with integration permissions

Understanding Integration Components

RAD Security authenticates to the Automox API using an API token (API key) generated in your Automox account. The token is stored as a secret and never returned by RAD.
The Organization ID scopes the integration to a single Automox organization and is used in the Automox API requests. You can find it in your Automox account settings.
The API URL override is optional. Leave it blank to use the default Automox API endpoint; set it only if Automox directs you to a non-default API host.
RAD Security ingests Automox device inventory and compliance via scheduled polling. Data arrives on RAD’s polling cadence rather than being pushed by Automox.

Step 1: Create an API Key in Automox

1

Sign in to the Automox Console

Log in to the Automox console with an account that has permission to manage API keys.
2

Create an API Key

Open your account/profile settings and navigate to the API Keys section. Create a new API key and copy its value.
Copy the API Key immediately. The full value is typically shown only once at creation time. Store it securely in a password manager or secrets vault.
3

Locate Your Organization ID

Find your Organization ID in your Automox account or organization settings.
Exact console navigation and labels may vary across Automox versions. See the Automox developer documentation for the current steps to create an API key and locate your Organization ID.

Configure in RAD Security

Navigate to your RAD Security workspace and configure the Automox integration with the following parameters:

Required Parameters

ParameterRequiredDescription
API TokenYesAutomox API key used to authenticate API requests
Organization IDYesAutomox organization identifier that scopes the integration
API URLNoOptional override for the Automox API base URL; leave blank for the default

Verify Integration

1

Check Connection Status

  1. Navigate to Data Sources > Integrations > Endpoint Management in RAD Security
  2. Locate your Automox integration
  3. Verify the connection status shows as Connected
Your Automox integration is now configured! RAD Security will ingest device inventory and compliance findings from Automox on a scheduled basis.

What Data is Synced

Managed devices, mapped to OCSF Device Inventory Info (5001) — hostname, OS, hardware, serial, owner, managed/compliant flags, risk, and first/last-seen timestamps.
Device compliance posture, mapped to OCSF Compliance Finding (2003) and stored as security findings. Feeds unified posture analysis and RADBot.
The one write action — RAD can trigger an Automox remediation on a device. RBAC-gated (tenant write) and recorded as an OCSF Device Control Finding.

Use Cases

Compliance Management

Track device compliance gaps from discovery through remediation across your Automox fleet.

Asset Visibility

Use managed-device inventory to understand your endpoint estate and reduce attack surface.

Threat Response

Trigger Automox remediation on a non-compliant or compromised device directly from RAD.

RADBot Prioritization

Leverage RADBot to prioritize Automox device findings by real-world impact.

Troubleshooting

Possible causes:
  • Incorrect API token
  • The API key was revoked or disabled in Automox
Solution:
  • Verify the API token is copied correctly (no extra spaces)
  • Confirm the API key is still active in Automox
  • Regenerate the key in Automox and update it in RAD Security if needed
Possible causes:
  • Incorrect Organization ID
  • The organization has no devices or compliance data in scope
Solution:
  • Verify the Organization ID matches your Automox organization
  • Confirm devices exist in the Automox console for the configured organization
Possible causes:
  • The calling user lacks tenant write permission in RAD Security
  • The API key lacks permission to run remediation in Automox
Solution:
  • Confirm your RAD role grants tenant write
  • Confirm the Automox API key has the required remediation permissions

Security Best Practices

Use a Service Account

Create a dedicated API key for the RAD integration rather than tying it to a personal account.

Least Privilege

Grant only the permissions required to read inventory and compliance, plus remediation if used.

Rotate Credentials

Rotate the API token periodically according to your security policy.

Secure Secret Storage

Store the API token in a secrets vault. Never commit it to version control.

Additional Resources

Automox Documentation

Official Automox developer documentation, including API keys

Endpoint Management Overview

Learn about RAD’s endpoint management integrations

Next Steps

Endpoint Management Integrations

Explore other endpoint management integration options

Data Sources

Connect additional security data sources

RADBot

Learn how RADBot helps prioritize findings