Skip to main content

Who is this article for?

Incydr Professional, Enterprise, Horizon, and Gov F2
Incydr Basic, Advanced, and Gov F1

Find your product plan in the Code42 console on the Account menu.

Instructor, no.

Incydr Professional, Enterprise, Horizon, and Gov F2, yes.

Incydr Basic, Advanced, and Gov F1, yes.

HOME
GETTING STARTED
RELEASE NOTES
FAQs
APIs
SYSTEM STATUS
Code42 Support

Verify macOS full disk access status

Overview

Due to Apple privacy restrictions, administrators must grant full disk access permissions to the Code42 app to enable Incydr security monitoring and file preservation. This article shows you how to confirm full disk access permissions are configured correctly.

Confirm full disk access status

The Code42 API enables you to confirm if full disk access permissions are configured correctly for both a specific device and an entire organization.

The examples below assume basic familiarity with curl commands.

Code42 Developer Portal
See the Code42 Developer Portal for more API documentation and resources. The portal provides:

Use the Code42 Developer Portal for your API needs as much as possible. APIs in the portal are the preferred way to integrate with Code42 for Incydr users. If you use Code42 APIs that do not appear on the Code42 Developer Portal, contact our Technical Support Engineers for guidance on the best way to integrate with Code42. 

Single device

To check the status of a single device, use this as a template to create a command specific to your Code42 environment:

Copied!
curl -X GET \
  '<request_url>/api/v12/agent-state/view-by-device-guid?deviceGuid=<deviceGuid>&propertyName=<property_name>' \
  -H 'cache-control: no-cache' \
  -H 'content-type: application/json' \
  -H 'Authorization: Bearer <auth_token>'
  1. Replace <request_url> with the address of your Code42 environment (do not include the brackets in your request).
  2. Replace <deviceGuid> with the numeric ID of the device you want to review (do not include the brackets in your request). To find this ID, view the device details in Code42 console and copy the numeric string listed under the device name.
  3. Replace <property_name> with the value for your product plan (do not include the brackets in your request):
    • For Incydr Professional, Enterprise, Horizon, and Gov F2, use full_disk_access (requires agent version 1.5.0 or later)
    • For Incydr Basic, Advanced, and Gov F1, use fullDiskAccess 
  4. Replace <auth_token> with an authentication token.
  5. Execute the curl command in your command-line tool of choice. When prompted, enter your password.
  6. Review the data object in the response. A value of true indicates full disk access is enabled. A value of false indicates full disk access is not enabled. The sample response below confirms full disk access is enabled for deviceGuid 1123581321345589144:
[{"deviceGuid":"1123581321345589144","name":"fullDiskAccess","value":"true"}]

All devices in an organization

To check the status of all devices in an organization, use this as a template to create a command specific to your Code42 environment:

Copied!
curl -X GET \
  '<request_url>/api/v12/agent-state/view-by-organization-id?orgId=<OrgID>&propertyName=<property_name>' \
  -H 'cache-control: no-cache' \
  -H 'content-type: application/json' \
  -H 'Authorization: Bearer <auth_token>'
  1. Replace <request_url> with the address of your Code42 environment (do not include the brackets in your request).
  2. Replace <OrgID> with the numeric ID of the organization you want to review (do not include the brackets in your request). To find this ID, export a CSV file containing the organization's data and locate the orgId value in the exported file.
  3. Replace <property_name> with the value for your product plan (do not include the brackets in your request):
    • For Incydr Professional, Enterprise, Horizon, and Gov F2, use full_disk_access (requires agent version 1.5.0 or later)
    • For Incydr Basic, Advanced, and Gov F1, use fullDiskAccess 
  4. Replace <auth_token> with an authentication token.
  5. Execute the curl command in your command-line tool of choice. When prompted, enter your password.
  6. Review the data object for each device included in the response. A value of true indicates full disk access is enabled. A value of false indicates full disk access is not enabled. The sample response below indicates full disk access is enabled for the first device and not enabled for the second device:
{"deviceGuid":"1123581321345589144","name":"fullDiskAccess","value":"true"},{"deviceGuid":"23337761098715972584","name":"fullDiskAccess","value":"false"}

Related topics

  • Was this article helpful?