Nine Minds Logo

Navigation

10.23. Tactical RMM Integration: Connect a Self-Hosted RMM to AlgaPSA

Connect your self-hosted Tactical RMM instance to AlgaPSA with an API key, map Tactical clients to AlgaPSA clients, sync agents into assets, and push alerts into tickets with a webhook.

10.23. Tactical RMM Integration: Connect a Self-Hosted RMM to AlgaPSA
Connect your self-hosted Tactical RMM instance to AlgaPSA with an API key, map Tactical clients to AlgaPSA clients, sync agents into assets, and push alerts into tickets with a webhook.
10. SettingsUpdated: 6/17/2026

Tactical RMM is a popular self-hosted RMM, and many MSPs run it alongside AlgaPSA on their own infrastructure. This integration connects the two: Tactical clients map to your AlgaPSA clients, agents sync into Assets, and Tactical alerts become routed tickets, in real time through a webhook and on a schedule through polling.

For the model all RMM integrations share, see How RMM Integrations Work in AlgaPSA. For alert rules, maintenance windows, and polling, see Turn RMM Alerts into Tickets.

Prerequisites

  • A reachable Tactical RMM instance. AlgaPSA calls Tactical's API, so your AlgaPSA server must be able to reach the Tactical API host (the api. subdomain, for example https://api.yourmsp.com).
  • Tactical's Beta API enabled. AlgaPSA syncs your clients and agents through Tactical's beta API, which ships turned off. On the Tactical server, set BETA_API_ENABLED = True and restart Tactical. Until you do, the connection test and sync fail.
  • A Tactical API key, or a Tactical username and password if you prefer Knox token authentication.
  • Permission to edit alert templates in Tactical (for the webhook step).

Connect AlgaPSA to Tactical

  1. Navigate to Settings > Integrations > RMM in AlgaPSA and select Tactical RMM.
  2. Enter your Instance URL. Use your Tactical API host — the api. subdomain, for example https://api.yourmsp.com, with no trailing /api. Do not use the dashboard address (https://rmm.yourmsp.com): it serves the Tactical web app, so the connection looks like it succeeds but nothing syncs.
  3. Choose an authentication mode under Authentication:
    • API key — paste a key generated in Tactical.
    • Username/password (Knox token) — enter your Tactical username and password. If your account uses two-factor authentication, AlgaPSA prompts for a TOTP code during the connection test.
  4. Click Save.
  5. Click Test Connection. A successful test marks the integration Connected and unlocks the sync sections. The status panel at the top shows your instance URL, mapped organizations, synced devices, active alerts, and last sync time.

Map Tactical clients and sync devices

  1. Click Sync Clients in the Organizations section. AlgaPSA imports your Tactical client list into the Organization Mapping table.
  2. Assign each Tactical client to an AlgaPSA client using the picker on its row, and enable Auto-sync for the ones you want kept current automatically.
  3. Click Sync Devices in the Devices section. Tactical agents from mapped clients become AlgaPSA assets.

Devices from unmapped Tactical clients are skipped, so map first and sync second.

Push alerts with a webhook

Tactical delivers alerts to AlgaPSA through an alert action webhook secured with a shared secret header. The Webhooks (Alerts) section gives you everything to paste into Tactical:

FieldWhat it is
Webhook URLThe AlgaPSA endpoint Tactical posts alerts to. Includes your tenant identifier.
Header NameX-Alga-Webhook-Secret — the header Tactical must send.
Header SecretThe shared secret value. Use the copy button; the eye icon reveals it.
Payload TemplateThe JSON body template to paste into Tactical's webhook action.

In Tactical, create an alert action (URL action) that POSTs to the webhook URL with the header and payload template above, and attach it to your alert templates. From then on, triggered and resolved alerts reach AlgaPSA the moment they happen and flow through your alert rules.

Backfill and polling

  • Sync Alerts (in the Alerts section) is an on-demand reconciliation: AlgaPSA fetches Tactical's currently active alerts and runs anything new through your rules. Use it right after setup to pull in existing alerts, or any time you suspect a webhook was missed.
  • Alert Polling (in the Alert Automation section) does the same on a schedule of 5–60 minutes. Polling also notices when an alert it ingested has cleared in Tactical and closes the untouched ticket. See Turn RMM Alerts into Tickets.

Software inventory

Ingest Software (in the Software Inventory section) imports Tactical's cached software inventory onto synced assets. It reads Tactical's bulk software endpoint without per-agent refresh calls, so it is safe to run on large fleets.

Operational checks

  • The status panel shows Connected, your mapped organization count, and a recent Last Sync.
  • A test alert fired in Tactical creates a ticket on the board your rules choose, and resolving it in Tactical closes the untouched ticket.
  • After enabling polling, Last polled in the Alert Polling card updates within two intervals.

Troubleshooting

SymptomCauseFix
Test Connection succeeds, but Sync Clients imports nothingThe Instance URL points at the dashboard host (rmm.), which returns the Tactical web app for every requestChange the Instance URL to the API host (api.), then save and test again
Test Connection failsTactical's Beta API is off, or the API host is unreachable from AlgaPSASet BETA_API_ENABLED = True on the Tactical server and restart it; confirm AlgaPSA can reach the API host

Related topics