NinjaOne API Scripts
NinjaOne API Examples

Start NinjaOne Patch Scan

This script triggers an OS Patch Scan for a specified Windows device within the NinjaOne platform. It automates the process of initiating an OS Patch scan. Note this does not apply OS patches, just initiates a scan.

PowerShell
# --------------------------------------------------
# Author: Gavin Stone (NinjaOne)
# Attribution: Luke Whitelock (NinjaOne) for his work on the Authentication Functions
# Date: 25th March 2025
# Description: Triggers the API Patch Scan for Windows Devices
# Version: 1.0
# --------------------------------------------------

# User editable variables:
$NinjaOneInstance = 'eu.ninjarmm.com' # Please replace with the region instance you login to (app.ninjarmm.com, us2.ninjarmm.com, eu.ninjarmm.com, ca.ninjarmm.com, oc.ninjarmm.com)
$NinjaOneClientId = ''
$NinjaOneClientSecret = ''
$NinjaDeviceIDToPatchScan = '117' # Please replace with the device ID you wish to patch

# Functions for Authentication
function Get-NinjaOneToken {
    [CmdletBinding()]
    param()

    if ($Script:NinjaOneInstance -and $Script:NinjaOneClientID -and $Script:NinjaOneClientSecret ) {
        if ($Script:NinjaTokenExpiry -and (Get-Date) -lt $Script:NinjaTokenExpiry) {
            return $Script:NinjaToken
        }
        else {

            if ($Script:NinjaOneRefreshToken) {
                $Body = @{
                    'grant_type'    = 'refresh_token'
                    'client_id'     = $Script:NinjaOneClientID
                    'client_secret' = $Script:NinjaOneClientSecret
                    'refresh_token' = $Script:NinjaOneRefreshToken
                }
            }
            else {

                $body = @{
                    grant_type    = 'client_credentials'
                    client_id     = $Script:NinjaOneClientID
                    client_secret = $Script:NinjaOneClientSecret
                    scope         = 'monitoring management'
                }
            }

            $token = Invoke-RestMethod -Uri "https://$($Script:NinjaOneInstance -replace '/ws','')/ws/oauth/token" -Method Post -Body $body -ContentType 'application/x-www-form-urlencoded' -UseBasicParsing
    
            $Script:NinjaTokenExpiry = (Get-Date).AddSeconds($Token.expires_in)
            $Script:NinjaToken = $token
            
            Write-Host 'Fetched New Token'
            return $token
        }
        else {
            Throw 'Please run Connect-NinjaOne first'
        }
    }

}

function Connect-NinjaOne {
    [CmdletBinding()]
    param (
        [Parameter(mandatory = $true)]
        $NinjaOneInstance,
        [Parameter(mandatory = $true)]
        $NinjaOneClientID,
        [Parameter(mandatory = $true)]
        $NinjaOneClientSecret,
        $NinjaOneRefreshToken
    )

    $Script:NinjaOneInstance = $NinjaOneInstance
    $Script:NinjaOneClientID = $NinjaOneClientID
    $Script:NinjaOneClientSecret = $NinjaOneClientSecret
    $Script:NinjaOneRefreshToken = $NinjaOneRefreshToken
    

    try {
        $Null = Get-NinjaOneToken -ea Stop
    }
    catch {
        Throw "Failed to Connect to NinjaOne: $_"
    }

}

function Invoke-NinjaOneRequest {
    param(
        $Method,
        $Body,
        $InputObject,
        $Path,
        $QueryParams,
        [Switch]$Paginate,
        [Switch]$AsArray
    )

    $Token = Get-NinjaOneToken

    if ($InputObject) {
        if ($AsArray) {
            $Body = $InputObject | ConvertTo-Json -depth 100
            if (($InputObject | Measure-Object).count -eq 1 ) {
                $Body = '[' + $Body + ']'
            }
        }
        else {
            $Body = $InputObject | ConvertTo-Json -depth 100
        }
    }

    try {
        if ($Method -in @('GET', 'DELETE')) {
            if ($Paginate) {
            
                $After = 0
                $PageSize = 1000
                $NinjaResult = do {
                    $Result = Invoke-WebRequest -uri "https://$($Script:NinjaOneInstance)/api/v2/$($Path)?pageSize=$PageSize&after=$After$(if ($QueryParams){"&$QueryParams"})" -Method $Method -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json' -UseBasicParsing
                    $Result
                    $ResultCount = ($Result.id | Measure-Object -Maximum)
                    $After = $ResultCount.maximum
    
                } while ($ResultCount.count -eq $PageSize)
            }
            else {
                $NinjaResult = Invoke-WebRequest -uri "https://$($Script:NinjaOneInstance)/api/v2/$($Path)$(if ($QueryParams){"?$QueryParams"})" -Method $Method -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json; charset=utf-8' -UseBasicParsing
            }

        }
        elseif ($Method -in @('PATCH', 'PUT', 'POST')) {
            $NinjaResult = Invoke-WebRequest -uri "https://$($Script:NinjaOneInstance)/api/v2/$($Path)$(if ($QueryParams){"?$QueryParams"})" -Method $Method -Headers @{Authorization = "Bearer $($token.access_token)" } -Body $Body -ContentType 'application/json; charset=utf-8' -UseBasicParsing
        }
        else {
            Throw 'Unknown Method'
        }
    }
    catch {
        Throw "Error Occured: $_"
    }

    try {
        return $NinjaResult.content | ConvertFrom-Json -ea stop
    }
    catch {
        return $NinjaResult.content
    }

}

# Connect to NinjaOne API
try {
    Connect-NinjaOne -NinjaOneInstance $NinjaOneInstance -NinjaOneClientID $NinjaOneClientId -NinjaOneClientSecret $NinjaOneClientSecret
}
catch {
    Write-Output "Failed to connect to NinjaOne API: $_"
    exit 1
}

Invoke-NinjaOneRequest -Method Post -Path "device/$($NinjaDeviceIDToPatchScan)/patch/os/scan"
View on GitHub ↗

Start-NinjaOnePatchScan.ps1

Overview

This script triggers an OS Patch Scan for a specified Windows device within the NinjaOne platform. It automates the process of initiating an OS Patch scan. Note this does not apply OS patches, just initiates a scan.

Equivalent in Ninja

Screenshot of Ninja Patch Scan

Attribution

  • Author: Gavin Stone (NinjaOne)
  • Attribution: Luke Whitelock (NinjaOne) for his work on the Authentication Functions
  • Source: Start-NinjaOnePatchScan.ps1

Requirements / Prerequisites

  • NinjaOne API Credentials:
    • NinjaOneClientId
    • NinjaOneClientSecret
  • NinjaOne Instance URL: e.g., eu.ninjarmm.com

How It Works

  1. Authentication: The script authenticates with the NinjaOne API using the provided client ID and client secret. It obtains an access token, which is used for subsequent API requests.
  2. Initiate Patch Scan: After successful authentication, the script sends a POST request to the NinjaOne API endpoint corresponding to the specified device, triggering a patch scan.

Usage

  1. Set User Variables:

    • Open the script in an appropriate editor like Visual Studio Code or PowerShell ISE.

    • Replace the placeholder values with your actual NinjaOne instance, client ID, client secret, and the device ID you wish to initiate the OS patch scan on:

      $NinjaOneInstance = 'your_ninjaone_instance' # e.g., 'eu.ninjarmm.com'
$NinjaOneClientId = 'your_client_id'
$NinjaOneClientSecret = 'your_client_secret'
$NinjaDeviceIDToPatchScan = 'device_id' # e.g., '117'

  2. Run the Script:

    • Save the changes.

    • Execute the script in PowerShell:

      .\Start-NinjaOnePatchScan.ps1

Expected Output

Upon successful execution, the script will connect to the NinjaOne API and trigger an OS patch scan for the specified device.

Troubleshooting

  • Issue: Authentication fails with an error message.

    • Solution: Verify that the NinjaOneClientId and NinjaOneClientSecret are correct

  • Issue: The script cannot connect to the NinjaOne API.

    • Solution: Ensure that the NinjaOneInstance URL is correct and accessible from your network.

  • Issue: Patch scan does not initiate.

    • Solution: Confirm that the NinjaDeviceIDToPatchScan corresponds to a valid device ID in your NinjaOne account.

Notes

  • Ensure that your NinjaOne API credentials are kept secure and not shared.
  • The script is designed for Windows devices managed within NinjaOne.