Documentation
incode.com
  1. Integrations Ecosystem

Directory Integrations

Directory integrations connect Incode to your organization's user directory, syncing employee records so that Incode can look up users and perform claims matching during verification sessions.

When a directory integration is configured, Incode can locate a user by their loginHint — typically a corporate email address or employee ID — and match verified identity attributes from their government-issued ID against the data in your directory. This ensures that the person completing a verification is the same person on record.

Directory integrations do not require a linked Workflow and do not trigger verification sessions on their own. They supply the user data that other integration types — such as IAM, Helpdesk, and Custom — rely on when performing directory-backed lookups.

Directory integrations also populate the Directory information page in Dashboard, which lists all synced users and their enrollment status.

📘

Note: Integrations require the Integrations Ecosystem feature to be enabled for your organization. Once enabled, you will have access to a new page called Integrations. Contact your Incode representative to enable this feature.

How directory sync works

Once a directory integration is configured and connected:

  1. Incode pulls your user records from the connected directory (Okta or Microsoft Entra) and stores the relevant identity attributes — name, email, employee ID, and any mapped claims fields.
  2. Records stay in sync — user additions, updates, and deactivations in your directory are reflected in Incode automatically.
  3. When a verification session starts, Incode uses the loginHint to look up the user's directory record and supply their attributes to the claims matching module.
  4. Claims matching runs — verified attributes from the government-issued ID (name, date of birth, address, email, phone) are compared against the directory record. Mismatches can be configured to trigger a hard stop or a soft flag for manual review.
📘

Note

Directory sync is a prerequisite for claims matching in IAM, Helpdesk, and Custom integration flows. Configure your directory integration before setting up dependent integration types.

Available directory integrations

IntegrationStatus
Okta DirectoryAvailable
Microsoft Entra DirectoryAvailable
Bring Your Own Directory (BYOD)Coming soon

Directory vs. IAM integrations

Directory and IAM integrations both involve Okta and Microsoft Entra, but they serve different purposes:

  • Directory integrations handle user data sync. They tell Incode who your users are and what attributes they have.
  • IAM integrations handle authentication flows. They trigger verification sessions when a user signs in, resets credentials, or requires a higher-assurance check.

A directory integration is typically a prerequisite for IAM and other integration types that rely on claims matching. See IAM integrations for the authentication-layer counterparts.

Updated about 2 hours ago