BullPhish ID integration with Graphus

The Status column on the Graphus Integration page identifies if the service is Active/Inactive/Error. When the integration is Active, synchronization happens each time a user opens the Graphus Integration page. 

• Active Status: Integration is displayed as Active when all organizational criteria covered in the prerequisites is met.
  
• Inactive Status: The status will be Inactive if an organization does not have a unique domain. 
  
• Error Status: Organizations with users not protected by Graphus will be auto-set to an Error state and cannot use Graphus integration. Only users protected by Graphus can use this integration. The Download icon will appear so you can download a CSV file containing the list of users not protected by Graphus.
  
  
• Email Error Status on the detailed campaign page: This status appears when emails cannot be delivered to unlicensed Microsoft users.
  
• In-Process Status: This status appears when integration is ongoing or still in process.

The Updated column displays the last sync date and time.
  

Once the integration is active, you can start scheduling the campaigns using the Graphus service. See the following articles:

• Creating a phishing campaign

• Creating a training campaign

After campaign emails are successfully delivered, you can view the campaign service information from the View All Campaign page in BullPhish ID.

1. Select Phishing Simulation > View All Campaigns or Training & Awareness > View All Training Campaigns.
2. Review the Service column.
   

Service column icons

The scheduled icon is shown when a campaign is scheduled in the future. This icon is also displayed when a campaign is canceled while in the Scheduled Status.

The Graphus icon is shown for campaigns using Graphus integration as the Service. The icon is displayed when a campaign is in progress, has been canceled (after processing starts), or completed.

The SMTP icon is shown for campaigns using SMTP as the Service. The icon is displayed when a campaign is in progress, canceled (after processing starts), or completed.

Both the Graphus icon and the SMTP icon are displayed when a campaign starts processing using Graphus integration as the Service but then must use SMTP (i.e, Graphus integration becomes inactive). The icons are displayed in the reverse order when a campaign starts processing using SMTP as the Service but then uses Graphus integration (i.e, Graphus integration is enabled).

Campaign Service column scenarios based on Graphus integration status

• Campaigns that start while the Graphus service is in the Error Status: Graphus integration cannot be enabled for an organization that doesn't have all user mailboxes protected by Graphus.
  
  Therefore, campaign emails will be delivered using the SMTP service.
  
  

• Targets not protected by Graphus that are added to an in-progress campaign: When an organization's Graphus integration status is Active, all targets are protected by Graphus and each will receive the campaign email via Graphus. However, if a new target is added that is not protected by Graphus, either manually in BullPhish ID or by directory sync, to a group for which a campaign is in-progress, the status of the integration becomes Inactive. The new target will receive the campaign email via SMTP.
  Any new targets added when the integration is Inactive, regardless of whether the target is protected by Graphus, will receive the campaign email via SMTP.
  In this example, in the Service column, the Graphus icon indicates that the campaign emails were sent initially by Graphus and when the integration became Inactive, emails were sent by SMTP, as indicated by the SMTP icon.
  

You can see the options menu on your active Integrations page and perform the following actions from the dropdown:

• View: Allows you to view the Graphus Integration page. 
• Disconnect: Disconnects the active integration with Graphus. 
  
  A pop-up appears on the screen with the following message: Are you sure you want to disconnect integration with Graphus?. To proceed, click Disconnect.
  

The following Statuses are indicated on the Integrations page:

• Not connected: The status when Graphus integration has not been configured.
• Connected: The status when Graphus integration is connected.
• Syncing: This status appears when syncing with Graphus. The message is displayed Syncing in Progress. This might take a while. Refresh the page in a few minutes.
  

1. In Graphus, select MSP Administration > Integrations.
   
2. Click the BullPhish ID Connect button.
   
   
3. In the confirmation modal, click OK.
   
   
4. The BullPhish ID Status field indicates Connected. Click the Edit button.
   
5. Hover to the right of the API Key field and click the Copy to clipboard icon.
    

6. In BullPhish ID, select Settings > Integrations.
   This page lists the available integration services.
   
7. Click the Graphus Connect button.
   
8. In the API Key field, paste the API key you copied from Graphus and click Verify.
   
   When the API key is verified successfully, you will see a confirmation message.
   
   
9. Once the API Key is verified successfully, the domains in Graphus will attempt to be synchronized in BullPhish ID.
   
   • If all domains from Graphus are associated with BullPhish ID SMB organizations, synchronization is completed and the following message is displayed.
     
   • If some of the domains from Graphus are not associated with BullPhish ID SMB organizations, the following message is displayed.
     
     SMB organizations associated with more than one domain will not be synced. See the article How do I ensure an SMB organization is associated with a unique domain?

IMPORTANT  If no SMB organization(s) is integrated with Graphus, see the article Why didn't SMB organizations sync after integration with Graphus?

NOTE  Several organizations can use the same API key from Graphus without any limitations.

1. In BullPhish ID, select Settings > Integrations.
2. For the Graphus integration, click the three-dot vertical menu and select Disconnect.
   
3. In the confirmation modal, click Disconnect.
   
   

1. Select MSP Administration > Integrations.
   
2. Click BullPhish ID's Edit button.
   

3. If desired, generate a new API key. You may want to refresh the API key in the following cases: You feel there might be a breach/security attack. Or, you want to use a new security key as a proactive security measure. Refreshing the API key disables the connection in BullPhish ID. You will need to reconnect using the new API key.

1. Select the Refresh API Key check box.
   
   
2. In the text box, type REFRESH in all uppercase letters.
   Note: It is best practice to require confirmation as it prevents spam and automated data extraction from websites.
   

NOTE  If you don't type REFRESH in the text box, an error message will be displayed.

3. Click the Refresh button.
   
4. Copy the new API key.
5. In BullPhish ID, click the Graphus Connect button.
   
6. In the API Key field, paste the API key you copied from Graphus and click Verify.
   

4. If you want to disconnect the integration:
   1. Select the Disconnect API Key check box.
   2. In the text box, type DISCONNECT in all uppercase letters.
      Note: It is best practice to require confirmation as it prevents spam and automated data extraction from websites.
      
   3. Click the Disconnect button. You are redirected to the Integrations page where the Status field shows BullPhish ID is Disconnected.

IMPORTANT  When you disconnect the API Key, the key becomes invalid on the BullPhish ID portal. Future campaigns will be sent via the SMTP service. In such a scenario, the administrator must verify the required whitelisting is complete to ensure emails can be delivered.