The CyberHoot integration is currently available in beta. Contact support@msportal.ai if CyberHoot does not appear in your available integrations.
Overview
CyberHoot is a security awareness training and phishing simulation platform for MSPs. By integrating CyberHoot with MSPortal.ai, you can:- View security awareness and compliance metrics for every client in one place
- Track HootScore and per-user training compliance
- Monitor HootPhish challenges and per-participant results
- Include security awareness metrics in client reports
Prerequisites
- An active CyberHoot partner account
- Your CyberHoot API URL and API key
- MSPortal.ai account with integration management permissions
The CyberHoot API exposes endpoints based on the Power-Ups enabled for your account. MSPortal detects the available features automatically during connection, so you only see data your CyberHoot plan provides.
Part 1: Get Your CyberHoot API Credentials
Before connecting to MSPortal.ai, you need your API URL and API key from CyberHoot.1
Log into CyberHoot
Sign in to your CyberHoot Partner portal with an administrator account.
2
Locate Your API Key
Open your partner settings and find the API key section. Copy the API key, or generate one if none exists.
3
Note Your API URL
Your API URL is based on your CyberHoot deployment and always ends with The URL must use HTTPS on the standard port.
/api, for example:Part 2: MSPortal Setup Wizard
MSPortal.ai provides a guided 3-step wizard to connect and configure your CyberHoot integration.Starting the Wizard
1
Navigate to Integrations
In MSPortal.ai, go to Settings > Integrations.
2
Find CyberHoot
Locate the CyberHoot integration card in the list of available integrations.
If the CyberHoot card is not visible, contact support@msportal.ai to have it enabled for your account.
3
Start Setup
Click Configure to launch the setup wizard.
Step 1: Connect
Enter your CyberHoot credentials to establish the connection. As the wizard notes: copy the API URL and API key from the CyberHoot Partner portal. Customer discovery and available features are detected automatically.1
Enter Credentials
Fill in the two fields:
Your API key is stored securely using Supabase Vault encryption. It is never exposed in logs or API responses.
2
Test Connection
Click Test Connection to verify your credentials.On success, you’ll see a confirmation showing your partner name and how many customers were found, for example “Connection verified for Acme MSP with 25 customers.”If the connection fails:
- Verify the API URL uses HTTPS and ends with
/api - Verify the API key was copied without extra spaces
- Ensure the key has not been regenerated since you copied it
3
Connect
Once the connection test passes, click Connect to save your credentials and create the integration. MSPortal immediately starts discovering your CyberHoot customers in the background.When editing an existing integration, the button is labeled Save connection.
Step 2: Map Companies
Map CyberHoot customers to your MSPortal companies. This determines which data syncs to which company.1
Wait for Customer Discovery
Customer discovery starts automatically when you connect. If no customers appear yet, wait a moment and check again.The list includes each customer’s Domain where CyberHoot provides one.
2
Use Quick Match
Click Quick Match to automatically match CyberHoot customers to MSPortal companies based on name similarity. Review the suggested matches and apply the ones that look correct.
3
Manual Mapping
For customers that weren’t automatically matched:
- Find the customer in the list
- Click the Select company dropdown in the “Mapped To” column
- Search for and select the correct MSPortal company
4
Create New Companies
If a CyberHoot customer doesn’t have a corresponding MSPortal company, use Create new company to add one. New companies are automatically mapped to their CyberHoot counterparts.
5
Import Selected
Pending mappings show a Pending badge. Click Import Selected to save them, or click Next, which saves pending mappings automatically.Saving mappings automatically triggers a detailed sync of the newly mapped customers.
Step 3: Status
Review the sync status and finish setup.1
Review Sync Stats
The Status step displays:
- Mapped customers (mapped out of total discovered)
- Active users
- Mean HootScore
- HootPhish challenges
2
Explore Your Data
Use the View security awareness and View reports buttons to jump directly to the synced data.
3
Complete Setup
Click Complete Setup to finish the wizard and return to the Integrations page.
What Gets Synced
CyberHoot integration syncs the following data types to MSPortal for mapped customers:Customers
Your CyberHoot customer inventory, including customer name and domain, used for mapping and for customer-level metrics such as active user counts and HootScore.Users
Per-user records for each mapped customer, including training compliance and user ranking data.Compliance Snapshots
Daily snapshots of customer-level compliance metrics, including HootScore and active user counts, so you can track security awareness trends over time.HootPhish Challenges
Phishing challenge records for each mapped customer, including per-participant results linked to synced users where an email match exists.Available data depends on the Power-Ups enabled in your CyberHoot account. MSPortal detects the available capabilities per customer and syncs what your plan provides.
Synchronization Schedule
After initial setup, data syncs automatically:
In addition to the daily schedule:
- Connecting or updating credentials triggers a customer discovery sync
- Saving customer mappings triggers a detailed sync of the newly mapped customers
Managing Your Integration
After setup, manage your integration from Settings > Integrations:Updating Your API Key
1
Open Integration Settings
Go to Settings > Integrations and click Configure on the CyberHoot card.
2
Enter New Credentials
On the Connect step, update the API URL or API key.
3
Test and Save
Click Test Connection to verify, then click Save connection.
Deleting the Integration
Click Delete in the wizard footer. This removes the integration, synced CyberHoot data, and stored credentials for the connection.Troubleshooting
Security & Privacy
- API Key Storage: Your CyberHoot API key is encrypted using Supabase Vault and never exposed in logs or responses
- Data Isolation: All synced data is tenant-isolated and only visible to your organization
- Read-Only Access: MSPortal only reads CyberHoot data; it never modifies your CyberHoot configuration
Next Steps
After setting up the CyberHoot integration:Build Reports
Include security awareness metrics in client reports
Sync Schedules
See when each integration refreshes its data
Other Integrations
Explore additional integration options
Integration FAQ
Answers to common integration questions