Here’s my scenario:
Using a compliance and orchestration tool that has the ability to call out using web APIs: (In this case, ForeScout CounterACT). I’d like to build a policy that during business hours if a user is logged into their workstation, they are also available (or at least logged in / connected) to HipChat. Natively with CounterACT I could check to see if the hipchat process (on Windows/Mac/*nix) is running, however that would not work if they were using a mobile client or a web client. I’d like to use the Web API to verify the user is logged in, and then I can use the API to store that as a token, and verify the endpoint “meets compliance”. I’m a bit confused by the model of building an “add-on” and assigning it to a room, etc. What would be the proper method for me to gain access to the web API of hipchat in order to query that active status of our users?