Skip to main content

About Kolide

Kolide is a device trust platform that verifies endpoint security posture before users authenticate to company resources. The Serval Kolide integration connects to api.kolide.com with a Kolide API token so workflows can list devices and people, review open issues, deprovision devices, and approve registration or exemption requests. The integration is marked Beta in Serval’s connect UI. Authentication: API token (Bearer). Tokens start with k2sk_. Serval stores the token encrypted and sends it only to api.kolide.com. Data sync: On demand only. There is no background sync or asset ingestion.

What the Kolide integration enables

CapabilityDescription
Device Trust bundlePrebuilt workflows: list a user’s devices by email, list their open issues, get device posture for a device ID, deprovision a device, and approve exemption or registration requests.
Kolide API requestTyped access to the Kolide v1 API from custom workflows — devices, people, issues, checks, and admin operations your token can perform.
Install the Device Trust bundle from Workflows → Installable, or build custom workflows with the Kolide API request action.

Get your credentials

You need a Kolide API token created by a Full Access administrator.
1

Sign in to Kolide as a Full Access admin

API key management requires Full Access admin privileges in Kolide.
2

Open Settings → Developers → API Keys

Navigate to the API Keys section in Kolide settings.
3

Create a new API key

Generate a token and copy it immediately. Kolide tokens start with k2sk_.
4

Paste the token into Serval

Use the API Token password field in Serval’s Kolide connect form.
Treat Kolide API tokens like production credentials. A Full Access token can deprovision devices and approve security exceptions — scope access to the service account that owns the Serval connection.

Connect in Serval

1

Open the Kolide connect form

In Serval, add the Kolide integration. It is labeled Beta.
2

API Token (required)

Paste your Kolide API token (k2sk_…) into the password field.
3

Save and verify

Submit the form. Serval runs four health checks (below).
When editing an existing connection, leave the token field as its obfuscated placeholder to keep the stored token, or paste a new token to rotate.

Verifying the connection

Four health checks run after you connect:
  1. Test Connection — calls GET /whoami. Success: Connected to Kolide organization "…". Failure: Unable to authenticate with Kolide. Please check your API token.
  2. List Devices — fetches up to 10 devices. Failure usually indicates insufficient token permissions for device reads.
  3. List People — fetches up to 10 people records.
  4. List Issues — fetches up to 10 open issues.
If authentication succeeds but list checks fail, the token is valid but may lack read scopes for that resource type. Regenerate the token with Full Access or adjust Kolide API key permissions.

Gotchas and troubleshooting

Standard Kolide roles without Developers access cannot reach the API Keys page.
Mutating workflows in the Device Trust bundle ship with installer approval. Adjust approval procedures after install if your team wants different governance.
Device Trust workflows resolve Kolide users by email address. Ensure requesters’ corporate emails match their Kolide person records.
Kolide returns paginated result sets. Prebuilt workflows page automatically; custom workflows should request additional pages until a short page is returned.

Need help? Contact support@serval.com for assistance with your Kolide integration.