Skip to main content

Who is this article for?

Incydr Professional, Enterprise, Horizon, and Gov F2
Incydr Basic, Advanced, and Gov F1

Find your product plan in the Code42 console on the Account menu.

Instructor, no.

Incydr Professional, Enterprise, Horizon, and Gov F2, yes.

Incydr Basic, Advanced, and Gov F1, yes.

Code42 Support

Deauthorize and resume monitoring a data connection


To help protect you from data loss, you can use Code42 to monitor when files are downloaded as reports from your business data in Salesforce, moved to and from cloud storage environments (such as Google Drive or Microsoft OneDrive), or emailed as attachments through Gmail or Office 365.

This article explains how to deauthorize those data connections so that Code42 no longer has access to user data in those environments. You can also resume monitoring cloud storage data connections to resolve errors, reconfigure cloud storage scoping, or restart the collection of file activity from data connections after a pause.

For information about disconnecting an automated integration, see Configure Incydr Flows.


  • You cannot deauthorize a cloud storage data connection (Google Drive, OneDrive, or Box, for example) or email service data connection (such as Gmail or Office 365) while the status is Initializing. Wait for the connection to indicate that it has a status of Monitoring or Error before attempting to deauthorize.
  • If needed, you can use this process to reconfigure scoping for monitoring a cloud storage connection's users or groups.
  • Google Workspace administrators must have the Super Admin role in order to share file activity data with Code42 without errors. For more information see Resolve Google Drive security data errors.
  • Deauthorization is not available for automated integrations. For more information, see Configure Incydr Flows.
  • Cloud storage and email service connections are not available in the Code42 federal environment.

Deauthorize a data connection

Deauthorize a Salesforce, cloud storage, or email service data connection to stop monitoring it for new event activity.

For cloud storage data connections, you can resume monitoring that connection for up to 90 days after you deauthorize it. After 90 days, Code42 removes the cloud storage or email service's configuration and authorization information. To resume monitoring that connection again after 90 days have elapsed, you must set it up as a new connection.

For Salesforce, Gmail, and Microsoft Office 365 data connections, Code42 removes the connection's configuration and authorization information immediately after deauthorization. To resume monitoring one of these data connections, you must set it up again as a new connection.

For all connections, events that have been collected prior to deauthorization remain searchable in Forensic Search for up to 90 days.

  1. Sign in to the Code42 console.
  2. Select Administration > Integrations > Data Connections
  3. Locate the connection to deauthorize in the table, then click View details View details.
  4. Click Deauthorize.
  5. When the dialog box opens, read the information and then click Deauthorize.
    At this point, Code42 stops collecting new file activity from the data connection.
  6. If you do not plan to resume monitoring the connection, remove Code42's access in the external console.
    Removing Code42's access in the external console is optional, but may increase security. After deauthorization, Code42 immediately stops monitoring or accessing that environment.

Remove Code42's access in Box

Remove Code42's access in Google Drive or Gmail

Remove Code42's access in Microsoft OneDrive or Office 365 email

Remove Code42's access in Salesforce

Resume monitoring a data connection

You can resume monitoring cloud storage connections for up to 90 days after you deauthorized the initial connection. Code42 removes connections that have been deactivated for over 90 days. To resume monitoring a Salesforce, Gmail, or Microsoft Office 365 email service after deauthorization, set it up as a new connection.

  1. Sign in to the Code42 console.
  2. Select Administration > Integrations > Data Connections
  3. Locate the connection to resume monitoring in the table, then click View details View details.
  4. Click Resume Monitoring.
    You can resume monitoring only connections with a status of Deauthorized. You cannot resume monitoring a Salesforce, Gmail, or Microsoft Office 365 email service. Instead, set it up as a new connection to monitor that service again.
  5. Follow the prompts to authorize Code42 to monitor file events on that connection.
    Option to update administrator email address
    If you are resuming monitoring of a Google Drive environment, you can change the administrator's email address if needed. When doing so, you can change the username in the email address, but the domain used (such as "") must remain the same. This new email address must be associated with a Google Workspace administrator that has the Super Admin role.

Use cases

You can deauthorize and then resume monitoring a cloud storage connection to update the scoping used or resolve errors. In most cases, errors caused by permissions or licensing issues within the cloud storage environment can be resolved by deauthorizing the connection and then immediately resuming its monitoring.

Some use cases for using the deauthorization and resume monitoring processes for a cloud storage connection are detailed in the following articles:

  • Was this article helpful?