Provision user attributes to Code42

Overview

Companies typically keep each employee's information in a directory service, such as Microsoft Active Directory, Workday, or Okta Universal Directory. This information includes the employee's job title, manager, department, work location, and so on. This information can be valuable when performing analysis of security events in Code42.

To get this information into Code42 so it can be displayed in security dashboards, it must be provisioned from the provisioning provider in use at the company, such as Entra ID (Azure AD), Okta, PingOne, or Code42 User Directory Sync. This article provides an overview of the process.

Considerations

  • Companies must set up their own integration between their directory service and a provisioning provider supported by Code42.
  • Provisioned user attributes are shown in features of the Code42 console only if you have an Incydr product plan or the Platinum or Diamond retired product plans.

Supported user attributes

The supported user attributes that can that can be provisioned to Code42 are:

  • First name
  • Last name
  • Title 
  • Division 
  • Department 
  • Employee Type
  • Manager
  • Locality (City)
  • Region (State)
  • Country
  • External ID

Once they are provisioned to Code42 they may appear in the following places in the Code42 console:

Configure provisioning

To provision user attributes to Code42, you must configure a supported provisioning provider. See the following articles:

When you configure a supported provisioning provider using the articles above, part of the setup is mapping user attributes to Code42. These sections in the articles listed above describe user attribute mapping:

Troubleshoot problems with user attributes

User attributes do not appear after provisioning

If user attributes do not appear in the User profile and other features in the Code42 console after provisioning, check the Sync Log to ensure that user attributes were provisioned correctly. 

If provisioned user attributes don't appear in the Sync Log, refresh the provisioning synchronization: