BullPhish ID integration with Graphus

Use Graphus integration to eliminate the need for domain whitelisting and ensure 100% campaign deliverability to your end users. The Graphus API gives BullPhish ID the ability to place phishing and training emails directly into end user inboxes as opposed to sending them through the internet, saving you hours of whitelisting time.

This guide is designed for users who want to enable BullPhish ID integration with Graphus. It walks you through a step-by-step integration process. This integration is highly secured since BullPhish ID and Graphus organizations get synced with an API Key and ensure 100% email deliverability. 

Prerequisites 

  • You must be a partner admin with access to BullPhish ID and Graphus accounts.
  • In BullPhish ID, the organization's domain must have at least one active target.
  • Only mailboxes protected by Graphus will receive campaign emails right into their inbox. This is because Graphus needs access to the API to protect the inboxes. Organizations with users that are not protected by Graphus would be set to Error Status by default and cannot use this integration. To review protected users on the Graphus site, see the article How do I find a list of the licensed/protected users on the Graphus side?

Enabling Graphus integration for organizations

As of January 13th, 2025, BullPhish ID integration with Graphus now supports targets across multiple domains. Previously, all targets had to belong to the same domain for the integration to work. Now, as long as all targets are protected by Graphus, they can belong to different domains or subdomains within the organization.

Consider a company named ExampleCo whose domain is exampleco.com. ExampleCo may use different domains for its products, such as widgetx.com and byproduct.com. In addition, these domains may have subdomains, like support.widgetx.com and sales.byproduct.com.

As long as all of the organization's targets are protected by Graphus, the organization can be integrated. Organizations with users that are not protected by Graphus cannot be integrated. If even one user in BullPhish ID isn’t protected by Graphus, the organization’s integration status will change to Error. Additionally, a download button will appear in the organization’s row, providing a report of unprotected users to help identify and resolve the issue.

For more information, see the Graphus integration statuses section below.

IMPORTANT   Integration status may indicate Error until Graphus licensing information is sent to BullPhish ID, which may take up to 24 hours. If all organization users are protected by Graphus, status will automatically update to Active.

The Graphus Integration page includes the following message summarizing the integration functionality.

For organizations that were integrated with Graphus prior to the integration supporting domains and subdomains, a banner appears indicating that domain limitations have been removed. This means domains and subdomains for such organizations are integrated automatically.

The Graphus Integration table shows the name of the integrated organization, the status of the integration, and the date and time the integration was updated.

In the Filter field, results can be filtered by Organization name, Status (Active, Error, Inactive), and Updated.

How to...

Revision Date
Added description when Graphus and SMTP icons are displayed. Added section: Campaign Service scenarios based on Graphus integration status. 2/14/24
Changed all occurrences of "licensed Graphus user" to "user protected by Graphus." 7/31/24
Added tutorial video. 8/23/24
Added "Integrating organization domains" section. Deleted outdated tutorial video. 1/8/25