BullPhish ID integration with Graphus

Use Graphus integration to eliminate the need for domain whitelisting and ensure 100% campaign deliverability to your end users. The Graphus API gives BullPhish ID the ability to place phishing and training emails directly into end user inboxes as opposed to sending them through the internet, saving you hours of whitelisting time.

This guide is designed for users who want to enable BullPhish ID integration with Graphus. It walks you through a step-by-step integration process. This integration is highly secured since BullPhish ID and Graphus organizations get synced with an API Key and ensure 100% email deliverability. 

Prerequisites 

  • You must be a partner admin with access to BullPhish ID and Graphus accounts.
  • In BullPhish ID, the organization's domain must have at least one active target.
  • Only mailboxes protected by Graphus will receive campaign emails right into their inbox. This is because Graphus needs access to the API to protect the inboxes. Organizations with users that are not protected by Graphus would be set to Error Status by default and cannot use this integration. To review protected users on the Graphus site, see the article How do I find a list of the licensed/protected users on the Graphus side?
  • Campaign emails will be sent via SMTP automatically if an issue arises with the Graphus integration. Therefore, organizations using a SMTP relay service in their Microsoft Exchange email process should configure a connector to ensure emails are delivered successfully. See the article Enabling a connector to resolve SMTP relay service email issues in Microsoft Exchange

Enabling Graphus integration for organizations

As of January 13th, 2025, BullPhish ID integration with Graphus now supports targets across multiple domains. Previously, all targets had to belong to the same domain for the integration to work. Now, as long as all targets are protected by Graphus, they can belong to different domains or subdomains within the organization.

Consider a company named ExampleCo whose domain is exampleco.com. ExampleCo may use different domains for its products, such as widgetx.com and byproduct.com. In addition, these domains may have subdomains, like support.widgetx.com and sales.byproduct.com.

As long as all of the organization's targets are protected by Graphus, the organization can be integrated. Organizations with users that are not protected by Graphus cannot be integrated. If even one user in BullPhish ID isn’t protected by Graphus, the organization’s integration status will change to Error. Additionally, a download button will appear in the organization’s row, providing a report of unprotected users to help identify and resolve the issue.

For more information, see the Graphus integration statuses section below.

IMPORTANT   Integration status may indicate Error until Graphus licensing information is sent to BullPhish ID, which may take up to 24 hours. If all organization users are protected by Graphus, status will automatically update to Active.

The Graphus Integration page includes the following message summarizing the integration functionality.

For organizations that were integrated with Graphus prior to the integration supporting domains and subdomains, a banner appears indicating that domain limitations have been removed. This means domains and subdomains for such organizations are integrated automatically.

The Graphus Integration table shows the name of the integrated organization, the status of the integration, and the date and time the integration was updated.

In the Filter field, results can be filtered by Organization name, Status (Active, Error, Inactive), and Updated.

The Status column on the Graphus Integration page identifies if the service is Active/Inactive/Error. When the integration is Active, synchronization happens each time a user opens the Graphus Integration page. 

  • Active Status: Integration is displayed as Active when all organizational criteria covered in the prerequisites is met.
  • Inactive Status: The status will be Inactive if an organization does not have any active targets. 
  • Error Status: Organizations with users not protected by Graphus will be auto-set to an Error state and cannot use Graphus integration. Only users protected by Graphus can use this integration. The Download icon will appear so you can download a CSV file containing the list of users not protected by Graphus.

IMPORTANT  Integration status may indicate Error until Graphus licensing information is sent to BullPhish ID, which may take up to 24 hours. If all organization users are protected by Graphus, status will automatically update to Active.

  • In-Process Status: This status appears when integration is ongoing or still in process.

The Updated column displays the last sync date and time.  

NOTE  On the campaign details page, Email Error will be listed in the Status column when emails cannot be delivered to an unprotected Graphus user.

Once the integration is active, you can start scheduling the campaigns using the Graphus service. See the following articles:

After campaign emails are successfully delivered, you can view the campaign service information from the View All Campaign page in BullPhish ID.

  1. Select Phishing Simulation > View All Campaigns or Training & Awareness > View All Training Campaigns.
  2. Review the Service column.
    14.png

Service column icons

blobid1.pngThe scheduled icon is shown when a campaign is scheduled in the future. This icon is also displayed when a campaign is canceled while in the Scheduled Status.

blobid2.pngThe Graphus icon is shown for campaigns using Graphus integration as the Service. The icon is displayed when a campaign is in progress, has been canceled (after processing starts), or completed.

blobid3.pngThe SMTP icon is shown for campaigns using SMTP as the Service. The icon is displayed when a campaign is in progress, canceled (after processing starts), or completed.

Both the Graphus icon and the SMTP icon are displayed when a campaign starts processing using Graphus integration as the Service but then must use SMTP (i.e, Graphus integration becomes inactive). The icons are displayed in the reverse order when a campaign starts processing using SMTP as the Service but then uses Graphus integration (i.e, Graphus integration is enabled).

Campaign Service column scenarios based on Graphus integration status

  • Campaigns that start while the Graphus service is in the Error Status: Graphus integration cannot be enabled for an organization that doesn't have all user mailboxes protected by Graphus.

    Therefore, campaign emails will be delivered using the SMTP service.

  • Targets not protected by Graphus that are added to an in-progress campaign: When an organization's Graphus integration status is Active, all targets are protected by Graphus and each will receive the campaign email via Graphus. However, if a new target is added that is not protected by Graphus, either manually in BullPhish ID or by directory sync, to a group for which a campaign is in-progress, the status of the integration becomes Inactive. The new target will receive the campaign email via SMTP.
    Any new targets added when the integration is Inactive, regardless of whether the target is protected by Graphus, will receive the campaign email via SMTP.
    In this example, in the Service column, the Graphus icon indicates that the campaign emails were sent initially by Graphus and when the integration became Inactive, emails were sent by SMTP, as indicated by the SMTP icon.

You can see the options menu on your active Integrations page and perform the following actions from the dropdown:

  • View: Allows you to view the Graphus Integration page. 
  • Disconnect: Disconnects the active integration with Graphus. 
    62.png
    A pop-up appears on the screen with the following message: Are you sure you want to disconnect integration with Graphus?. To proceed, click Disconnect.

The following Statuses are indicated on the Integrations page:

  • Not connected: The status when Graphus integration has not been configured.
  • Connected: The status when Graphus integration is connected.
  • Syncing: This status appears when syncing with Graphus. The message is displayed Syncing in Progress. This might take a while. Refresh the page in a few minutes.
    6.png

How to...

  1. In Graphus, select MSP Administration > Integrations.
  2. Click the BullPhish ID Connect button.

  3. In the confirmation modal, click OK.

  4. The BullPhish ID Status field indicates Connected. Click the Edit button.
  5. Hover to the right of the API Key field and click the Copy to clipboard icon.
     
  1. In BullPhish ID, select Settings > Integrations.
    This page lists the available integration services.
  2. Click the Graphus Connect button.
  3. In the API Key field, paste the API key you copied from Graphus and click Verify.

    When the API key is verified successfully, you will see a confirmation message.

  4. Once the API Key is verified successfully, the domains in Graphus will attempt to be synchronized in BullPhish ID.

IMPORTANT   Integration status may indicate Error until Graphus licensing information is sent to BullPhish ID, which may take up to 24 hours. If all organization users are protected by Graphus, status will automatically update to Active.

NOTE  Several organizations can use the same API key from Graphus without any limitations.

  1. In BullPhish ID, select Settings > Integrations.
  2. For the Graphus integration, click the three-dot vertical menu and select Disconnect.
  3. In the confirmation modal, click Disconnect.

  1. Select MSP Administration > Integrations.
  2. Click BullPhish ID's Edit button.
  1. If desired, generate a new API key. You may want to refresh the API key in the following cases: You feel there might be a breach/security attack. Or, you want to use a new security key as a proactive security measure. Refreshing the API key disables the connection in BullPhish ID. You will need to reconnect using the new API key.
    1. Select the Refresh API Key check box.

    2. In the text box, type REFRESH in all uppercase letters.
      Note: It is best practice to require confirmation as it prevents spam and automated data extraction from websites.

NOTE  If you don't type REFRESH in the text box, an error message will be displayed.

    1. Click the Refresh button.
    2. Copy the new API key.
    3. In BullPhish ID, click the Graphus Connect button.
    4. In the API Key field, paste the API key you copied from Graphus and click Verify.
  1. If you want to disconnect the integration:
    1. Select the Disconnect API Key check box.
    2. In the text box, type DISCONNECT in all uppercase letters.
      Note: It is best practice to require confirmation as it prevents spam and automated data extraction from websites.
    3. Click the Disconnect button. You are redirected to the Integrations page where the Status field shows BullPhish ID is Disconnected.

IMPORTANT  When you disconnect the API Key, the key becomes invalid on the BullPhish ID portal. Future campaigns will be sent via the SMTP service. In such a scenario, the administrator must verify the required whitelisting is complete to ensure emails can be delivered.

Revision Date
Added description when Graphus and SMTP icons are displayed. Added section: Campaign Service scenarios based on Graphus integration status. 2/14/24
Changed all occurrences of "licensed Graphus user" to "user protected by Graphus." 7/31/24
Added tutorial video. 8/23/24
Added "Integrating organization domains" section. Deleted outdated tutorial video. 1/8/25