A group or entity within the Rewst platform that may have its own variables, forms, workflows, and users, organizations enable multi-tenanted management and customization of the platform according to specific customer needs. You may see us refer to an organization as an org for short.
Rewst uses a two-tier system to manage organizations, with your MSP as the parent org and your customers as child orgs. To make automations work for your managed clients/customers, set them up as child orgs. Each time you bring on a new customer account, you'll need to add a corresponding child org in Rewst to enable automations for them.
 (1).png)
{% hint style="success" %}
We recommend using the Bulk Create Client from PSA Crate to add the majority of your customers quickly during your Rewst onboarding, and using the Add Client to Rewst Crate to streamline the mapping process for each new customer you add in the future. You can also add organizations manually, or through the Microsoft Cloud Bundle.
For information on how to access the organizations menu in Rewst, see our documentation here.
{% endhint %}
{% embed url="https://youtu.be/rYLnWl54Sz8?si=m8o7WGyaMIIRmGmy" %}
Organization variables, referred to as org variables for short, serve as the foundational elements for setting and managing configurations across different organizational levels within Rewst. They ensure consistency and control within workflows, and facilitate efficient management across the organizational hierarchy.
Organization variables can manually be added by navigating to Settings > Organization Variables in the left side menu of your Rewst platform. In this page, view a total list of all org variables for your selected organization. Note that org variables are visible only one level deep - you'll see them for a child org of a parent org, but not the child org of that child org, for example.
When unpacking Crates, you may be prompted to fill out forms within those Crates to set up your organization variables. Once the form is submitted, the variables will appear in this total list.
Filter or view the list by using the section headers of the Name, Value, Category, Organization or Created By date columns to specify your criteria.
The Organization Variables submenu of the Rewst platform
-
Click
to add a new org variable. This will open up a new, editable row at the top of the total org variable list.\
-
Enter the information for your variable into the relevant fields.
-
Click
to save your org variable when done. Alternatively, click 
to cancel the creation of the org variable.
Organization variables may be edited one-by-one, or in bulk.
Edit all organization variables by clicking 
at the top right corner of the total organization variables list.
Edit an individual organization variable by clicking to the right of that organization variable.
Click 
to the right of an individual organization variable to delete it.
The Category drop-down selector holds several options to choose from when creating new organization variables. If you choose secret, whatever text you enter into the Value field for that organization variable will be its secret. You might be asked for this value when unpacking several of our more complicated Crates.
Inheritance: Values set at the parent organization level cascade down, providing a default setup for all child organizations.
Overrides: Child organizations can establish their own variables, prioritizing local settings over defaults inherited from their parent organization. Overrides don't cascade down to suborganizations of child organizations. They exist just for that one child org where they are set.
For example, consider a scenario where you have three layers of organizations:
Parent > Child 1 > Child of Child 1.
If you create a workflow at the parent level and run the workflow via trigger as Child of Child 1, the organization variable value will come from the parent, not the Child 1 organization.
Access variables seamlessly in any workflow with the following syntax:
{{ ORG.VARIABLES.<variable_name> }}- Employ descriptive and straightforward wording using
snake_casefor clarity. - Prefix integration-specific variables appropriately, like
psa_for PSA-related variables.
{% hint style="info" %}
Defining Boolean Values: always use lowercase true or false to align with Rewst's standardized practices. This uniform approach applies to all future workflow designs. Existing legacy workflows may display variations.
{% endhint %}
Creating your own org variables enables you to build logic into your custom workflows so that you don't need to hardcode values within workflows.
For example, instead of hardcoding a client's service tier as gold directly in a workflow, you can create a service_tier org variable, reference that variable wherever the tier is needed across automations, and update the org variable in one place if the names of service tiers change.
Once you've set your org variables, your workflows can reference them to run automation selectively — for example, only triggering managed-client workflows where is_managed is true.
| Variable name | Example value |
|---|---|
is_managed |
true |
service_tier |
gold |
uses_simplified_onboarding |
false |
managed_pc_license_guid |
|
security_group |
IT-Admins |
mail_enabled_group |
AllStaff |
| default_OU | OU=UserAccounts, OU=Departments,OU=Marketing,DC=CONTOSO,DC=COM |
The use as default feature allows managing organizations to set a universal default value for an org variable. This default is applied to suborganizations unless they specify their own value.
- Set a default: When you set a variable as default at the MSP level, it becomes the fallback for suborganizations without a specified value.
- Workflow execution context:
- The default value is only used if the workflow is initiated from the managing organization.
- To apply the default value to Client A, the workflow must start from the MSP, even if it operates within Client A’s context.
- Triggers and context:
- Implementing triggers in the workflow ensures that the execution context is recognized. This facilitates the use of MSP-level defaults in sub-organization workflows.
{% hint style="info" %} When setting organization variables, you might need to enter in API status IDs in numeric value rather than by their display names. For example, "In Progress" would have the ID of "3" in the API.
An easy way to find these is through the workflow builder, using create ticket actions for each PSA. {% endhint %}
-
Navigate to Automations > Workflows in your Rewst platform.
-
Click the Create button to create a new workflow.
-
Add the following action type, depending on the brand of PSA you use:
-
ConnectWise PSA: Create Service Ticket
-
Datto PSA: Create Ticket v2
-
Halo PSA: Add or Update Tickets
-
-
Click the ⋮ in your action to open up its settings.
-
Click in any field with a blue arrow.
-
Select the Display name you want the ID for, then click the
to the left to get the ID.
{% hint style="warning" %} Note that this method will only work for the three indicated PSA brands: ConnectWise, Datto, and Halo. {% endhint %}
See more on organization variables for forms unpacked from Crates here.
Certain org variables are essential for onboarding processes and are utilized by the Get and Set Org Variables Workflow to ensure smooth integration and setup for new users or systems.
| Variable | Form Field | Use | Valid Values |
|---|---|---|---|
automation_task_new_user_time | New User Automation Task Time | Default time for the "New User" workflow, to add to the ticket at completion | int in minutes |
automation_task_offboard_user_time | Offboard User Automation Task Time | Default time for the "Offboard User" workflow, to add to the ticket at completion | int in minutes |
crate_sync_contacts_report_only | Crate - Sync Contacts - Report Only | If a user is missing, this will create a ticket for them with the relevant user information | bool |
cw_control_session_group_override | CW Control Session Group Override | This org variable setting will allow you to use a different session group than All Machines. The session group name needs to match whatever session group you would like to use and is case sensitive. Example: All Machines by Company | string |
cwm_nopod | Manual License Confirmation No Pod Notification | This organization variable is used in the manual license purchase workflow, by default the workflow attempts to prompt for approval via a Manage pod. If pods are not configured in your environment then this org variable should be used to override the default behavior which will provide the prompt via a ticket note. | true(string) |
default_psa | Default PSA | Identifies the PSA that you use | cw_manage kaseya_bms datto_psa halo_psa freshdesk servicenow mail_only |
default_psa_contact_type | N/A | This will make the PSA Contact Type field in the user on-boarding form auto populate the field with the provided value(s) | This org variable should be a JSON formatted string with a list of id(s), as an example [3]. |
default_rmm | Default RMM | Identifies the RMM that you use | cw_automate cw_control datto_rmm i mmybot ninja_rmm n_able kaseya_vsa kaseya_vsa_x agent_smith |
form_default_aad_groups | Form Default: AAD Groups | Used so that if the form forces a default, this is the value supplied in the if statement. Example is [{"department": "Jesse"},{"department": "dam"}] | list |
form_default_department | Form Default: Department | Used so that if the form forces a default, this is the value supplied in the if statement. Example is [{"id": "68c2878a-6739-438c-bf5a-d8c2bea39573","label": "Dist Group Two"},{"id": "936eb764-36c4-4ac6-b264-c532caeb217c","label": "Group Me Up Buttercup - Distribution"}] | list |
form_default_distribution_aad_groups | Form Default: AAD Distribution Groups | Used so that if the form forces a default, this is the value supplied in the if statement. Example is [{"department": "Jesse"},{"department": "dam"}] | list |
form_default_email_domain | Form Default: Email Domain | Used so that if the form forces a default, this is the value supplied in the if statement | string |
form_default_license_sku | Form Default: License SKU | Used so that if the form forces a default, this is the value supplied in the if statement | list |
form_default_location | Form Default: Location | Used so that if the form forces a default, this is the value supplied in the if statement | string |
form_default_onprem_groups | Form Default: On-Prem Groups | Used so that if the form forces a default, this is the value supplied in the if statement. Example is [{"id": "68c2878a-6739-438c-bf5a-d8c2bea39573","label": "Dist Group Two"},{"id": "936eb764-36c4-4ac6-b264-c532caeb217c","label": "Group Me Up Buttercup - Distribution"}] | list |
form_default_orgunit | Form Default: OU (OrgUnit) | Used so that if the form forces a default, this is the value supplied in the if statement. Example is [{"id": "fb53fb9f-208f-451c-9391-6092eb7c4e1b","label":"OU=Disabled Users,OU=Pedro Users,OU=Pedro Ltd,DC=ad2,DC=pedroaviary,DC=com"}] | list |
form_default_phone_number | Form Default: Default Phone Number | Used in the workflow itself that if the org var is specified, it'll use it if none on the form | string |
form_default_security_aad_groups | Form Default: AAD Security Groups | Used so that if the form forces a default, this is the value supplied in the if statement. Example is [{"department": "Jesse"},{"department": "dam"}] | list |
form_default_supervisor | Form Default: Supervisor | Used so that if the form forces a default, this is the value supplied in the if statement | string |
halo_ticket_site_name | Halo Site Name Override | This org variable is used to define a site name in the Halo ticket creation sub workflow, if not defined then 'Main' will be used. This is only required if you would like to use something other than 'Main' | string |
hudu_create_contact_in_asset | HUDU Create Contact In Asset | Used to create a contact in Hudu and the password and relate them togehter | int |
hudu_form_excluded_forms | Hudu excluded forms | For adding Rewst forms to Hudu, variable can be defined to set forms to ignore | |
itg_form_excluded_forms | ITGlue excluded forms | For adding Rewst forms to ITGlue, variable can be defined to set forms to ignore | |
itglue_custom_actions | IT Glue Custom Actions | If the client uses ITG, this will trigger a subworkflow for actions in the user onboarding workflow | bool |
licencing_choose_subscription | Licensing Choose Subscription | Used to decide whether the "Show Subs" option appears in New User Onboarding form | bool |
license_purchases_in_new_ticket | New Ticket for License Purchases | When prompting in tickets for license purchases, do so in a new ticket | 1 or 0 (boolean ) |
m365_mandatory_license_groups | Mandatory Licensing Groups | If you use license groups with Microsoft 365 you can specify those groups here. This allows you to create a group of licenses that the user will be added to if selected. | list of group_names |
m365_require_authorization_for_new_licenses | Require Authorization for License Purchases | Pause workflows for Inquiry when new license purchases are needed | 1 or 0 (boolean ) |
m365_usage_location | M365 Usage Location (not in form) | Country Code such as "US" or GB" | str |
ms_licensing_distributor | Microsoft Licensing Distributor | Microsoft License Distributor (where to purchase CSP licenses) | pax8 microsoft_csp ingram_micro sherweb synnex manual_only |
new_user_approval_email | New User Approval Email | When email approval is needed for new user adds, use this address | email address |
new_user_azure_ad_attributes_to_copy | Form Default: new_user_azure_ad_attributes_to_copy | Used to specify which properties of the user being copied to apply to the new user Example is ["location","city","street_address","desk_phone","company","usage_location","department","user_title","mobile_phone","postcode","state"] | list |
new_user_manual_approver_field | Adds a field on forms for specific approver email | Allows the field in New User to show up and add a specific e-mail approver | 1 or 0 (boolean ) |
new_user_on_prem_attributes_to_copy | New User On Prem Attributes To Copy | Determines which attributes Rewst copies from the existing user when setting up a new user, using the copy user method | |
new_user_password_save_location_custom_url | New User Password Save Location Custom URL | In the event that we are storing a password in a custom PWPush, put the URL here | |
new_user_password_save_locations | New User Password Save Location | Where to store the password during new user creation. Default to PSA if not defined | List of psa``itglue``hudu``custom-pwpushother systems |
no_azure_ad | No Azure AD | ORG Does not use AzureAD | bool |
no_psa_mail_address | No PSA - Mail to Address | If there is no PSA, we will mail information to this address | str email addr |
offboarding_user_approval_email | Offboard User Approval Email | When email approval is needed for offobarding users, use this address | email address |
onboard_excluded_org_variables | Onboard Excluded Org Variables | This org variable overrides the variables automatically excluded when you create a user using new employee onboarding. | string |
onboard_output_ignore_vars | New Employee Output Exclusion Variables | This organization variable is used to override the default output configuration exclusions for the output_context variable. Example value: ["execution_id","organization","originating_execution_id","rewst","sentry_trace","trigger_instance","max_retries","sendMail_from_user_object"] | list |
onboarding_form_default_orgunit | Microsoft Onboarding Form Default: Organization Unit Field | Used in the Microsoft Onboarding form at the Organization Unit Field which allows users to set a default OU, this is the value supplied in the if statement. | Example Value: [{"id":"63111ab9-136e-4072-32a5-24221a331ded","default":true,"label":"OU=REWSTUsers,OU=Users,OU=RewstTest,DC=rewsttest,DC=local"}] |
onprem_exchange_server | On-Prem Exchange Server | Server name to use if you have on-prem Exchange | ComputerName in RMM |
onprem_hybrid_exchange | On-Prem Hybrid Exchange | Set to true to identify this client as using Hybrid Exchange setup (Usage of Enable-RemoteMailbox) | |
onprem_no_adsync | On-Prem No AD Sync (not in form) | If there is no ADSync configured between on-prem and M365 (needs to be added manually) | bool |
override_email_domains | Override Email Domains | List of email domains to show rather than querying from M365 | List of domains |
pax_8_removal_ignored_subs | N/A | Add product's to ignore based on the Microsoft product displayname | Value is expected to be a json formatted list such as ["O365DOMAIN_STANDARDW_PRIVACY"] |
pax8_unmapped_alert_ignore_list | PAX8 Unmapped Company Alert Exclusions | This organization variable is used to specify a list of Rewst OrgID's to ignore when creating alerts for the alert_on_unmapped_orgs setting in the "Pax8 Extra License Removal" workflow of the "Alert on Unused M365 Licenses" crate | list |
phone_number_format | Preferred Phone Number Format | Format to use for phone numbers (stringifies ints with formatting) | NXX NXX XXXX NXXNXXXXXX NXX-NXX-XXXX NXX.NXX.XXXX |
preferred_domain_controller | Preferred Domain Controller | Choose this DC instead of letting automation decide | ComputerName in RMM |
primary_identity_provider | Primary Identity Provider | Specify where users are created for the organization, either on premise or in Azure | on_prem azure_ad jumpcloud |
psa_active_customer_status | Active Customer Statuses | Statuses in PSA for active customer organizations | List of status types from PSA |
psa_alert_ticket_type | PSA Alert Type Variable (Halo) | This organization variable is used to specify the ticket type for Halo PSA customers in workflows such as the DUO bypass user workflow and Exchange mailbox nearing quota workflow. The type id should be specified (example: 32) | int |
psa_all_notes_internal | All Internal Notes | When adding notes, check if they should all be internal or allowed some external | bool |
psa_custom_actions | PSA Custom Actions | Used to allow a sub-workflow execution at the end of the new employee workflow (set to 1 to enable) | bool |
psa_custom_note | PSA Custom Note | If the client wants a custom note on a ticket, we can use this variable to branch off on update tickets | string |
psa_default_agreement_name | Default Agreement Name | If you set a default agreement in your PSA on ticket creation, enter the name of it here. | str name of agreement |
psa_default_board_id | Default Ticket Location | The default PSA board (or other organizing feature) that Rewst will use to create tickets on when running automations | (depends on psa) |
psa_default_tech_id | Default Tech ID | Tech Id to user when updating ticket time | id of tech to use for time entries |
psa_default_tech_workrole | Default Work Role | Tech Work Type to user when updating ticket time | id of tech work type to use for time entries |
psa_default_tech_worktype | Default Work Type | Tech Work Role to user when updating ticket time | id of tech work role to use for time entries |
psa_default_ticket_priority | Default Priority | The default ticket priority that Rewst will use when creating tickets | name or id of ticket status |
psa_default_ticket_source | PSA Default Ticket Source | Used in the Datto creation of the ticket during new user workflow and defines the source of the ticket | int |
psa_default_ticket_status | Default Ticket Status | The default ticket status that Rewst will use when updating tickets. This is the status that Rewst will use when actively working on a ticket. It usually set to "In Progress" or a similar status. | name or id of ticket status |
psa_license_purchase_board_id | Board ID for License Tickets | The PSA Board ID to use when license purchases are in a separate ticket | int board_id for CWM |
psa_new_user_ticket_item | New User Ticket Item | Ticket Item to use on the New User Board when creating a ticket | int for item_id in CWM |
psa_new_user_ticket_subtype | New User Ticket Subtype | Ticket SubType to use on the New User Board when creating a ticket | int for subtype_id in CWM |
psa_new_user_ticket_type | New User Ticket Type | Ticket Type to use on the New User Board when creating a ticket | int for type_id in CWM |
psa_no_ticket_time | No Time in Tickets | Set this when you don't want automation to put time_worked in tickets. The "Yes" option will add notes in the ticket we create when running an automation. The "No" option will let us impersonate a technician to apply time under there name for automations that run. We do this because we can't apply time via the API for most PSAs. | 1 or 0 (boolean ) |
psa_send_from_address | Send From Address | When sending mail, we can set the "replyTo" address to this, to allow for proper ticket responses | str email addr |
psa_store_password_in_ticket | Store Password in Ticket | When documenting the password, this will never store it in the ticket if set to false | bool |
psa_ticket_status_completed_task | Ticket Status when Workflow Complete | The default ticket status that Rewst will use when we finish an automation. Consider this the "quality check" status to make sure everything ran properly. | name or id of ticket status |
psa_ticket_status_waiting_input | Ticket Status while Waiting for Input | The default ticket status that Rewst will use when tickets are waiting for user input. This applies in cases where the automation will pause and prompt a technician to do an additional step outside of the automation before then returning to the ticket to confirm that action has taken place. This will then kickoff the automation to continue from the position it left off. | name or id of ticket status |
psa_vip_contact_type | VIP Contact Type | Contact Type to set for VIP users | name or id of Contact Type |
require_approval_for_new_users | Require Approval For New User | Controls the new user approval requirement. | (1 or 0) or (true or false) |
require_approval_for_offboarding_users | Require Approval For Offboarding Users | Controls the new user approval requirement. | bool |
rmm_preferred_adconnect_server | Preferred ADConnect Server | If your ADConnect is on a specific server, specify it here | str hostname of server |
send_sms_to_user | Form Option: Send password via SMS | Sending passwords via SMS carries associated risks. Please be sure that your risk tolerance is considered before enabling this option. | int |
time_entry_ticket_status | Time Entry Ticket Status | Set tickets to this status to enable time entry | strStatus Name or int ID to use |
user_start_date_action | User Start Date Action | How to handle start_date in user onboarding | default document_only : only show in ticket |
username_format | Username Format | The format of the users username | flast firstl firstmlast |
get_subscribed_products_show_free | Direct Licenses | Allows the user to remove a condition that filters licenses with a Prepaid unit value greater than 1000000. This will usually result in licenses such as PowerBI Free to show up as an option. | true(string) |