I'd like to build a compliance check to verify hipchat users are active


Here’s my scenario:

Using a compliance and orchestration tool that has the ability to call out using web APIs: (In this case, ForeScout CounterACT). I’d like to build a policy that during business hours if a user is logged into their workstation, they are also available (or at least logged in / connected) to HipChat. Natively with CounterACT I could check to see if the hipchat process (on Windows/Mac/*nix) is running, however that would not work if they were using a mobile client or a web client. I’d like to use the Web API to verify the user is logged in, and then I can use the API to store that as a token, and verify the endpoint “meets compliance”. I’m a bit confused by the model of building an “add-on” and assigning it to a room, etc. What would be the proper method for me to gain access to the web API of hipchat in order to query that active status of our users?


Hi Paul,

The HipChat v2 API is what you’re looking for:

And more specifically, the API method you’re looking for is View User:

That method will tell you the last time a user was active.

Below is a step-by-step – of course, I recommend you navigate through the rest of the API docs to build your best approach to solving the problem.

  1. Create a personal access token. This is a quick and dirty way for you to access the REST API for your instance.
    a. Go to: https://www.hipchat.com/account/api
    b. In the Create new token form, provide name/label for the token (i.e. “Test Token”)
    c. In scopes, choose the View Group
    d. Click Create
    e. Copy the Token value

  2. Fetch a complete list of users across your entire HipChat instance
    Call https://YOURINSTANCE.hipchat.com/v2/user?auth_token=TOKENHERE

  3. Fetch the details about a single user – either the user_id or an email address can be used
    Call https://YOURINSTANCE.hipchat.com/v2/user/USERID?auth_token=TOKENHERE
    Call https://YOURINSTANCE.hipchat.com/v2/user/EMAIL?auth_token=TOKENHERE

You’ll get something like this back:

   "name":"Neil Mansilla",
   "title":"Head of Developer Experience",

And of course, the gold you’re looking for is in last_active and perhaps the presence object. This should be a good starting point.

Take care,