Documentation
incode.com
  1. Integrations Ecosystem

Directory Integrations

Directory integrations connect Incode to your organization's user directory,
syncing employee records so that Incode can look up users and perform claims
matching during verification sessions.

When a directory integration is configured, Incode can locate a user by
their loginHint — typically a corporate email address or employee ID — and
match verified identity attributes from their government-issued ID against
the data in your directory. This ensures that the person completing a
verification is the same person on record.

Directory integrations do not require a linked Workflow and do not trigger
verification sessions on their own. They supply the user data that other
integration types — such as IAM, Helpdesk, and Custom — rely on when
performing directory-backed lookups.

Directory integrations also populate the Directory information page in
Dashboard, which lists all synced users and their enrollment status.

📘

Note: Integrations require the Integrations Ecosystem feature to be enabled for your organization. Once enabled, you will have access to a new page called Integrations. Contact your Incode representative to enable this feature.

How directory sync works

Once a directory integration is configured and connected:

  1. Incode pulls your user records from the connected directory (Okta or
    Microsoft Entra) and stores the relevant identity attributes — name,
    email, employee ID, and any mapped claims fields.
  2. Records stay in sync — user additions, updates, and deactivations in
    your directory are reflected in Incode automatically.
  3. When a verification session starts, Incode uses the loginHint to
    look up the user's directory record and supply their attributes to the
    claims matching module.
  4. Claims matching runs — verified attributes from the government-issued
    ID (name, date of birth, address, email, phone) are compared against the
    directory record. Mismatches can be configured to trigger a hard stop or
    a soft flag for manual review.
📘

Note

Directory sync is a prerequisite for claims matching in IAM, Helpdesk,
and Custom integration flows. Configure your directory integration before
setting up dependent integration types.

Available directory integrations

IntegrationStatus
Okta DirectoryAvailable
Microsoft Entra DirectoryAvailable
Bring Your Own Directory (BYOD)Coming soon

Directory vs. IAM integrations

Directory and IAM integrations both involve Okta and Microsoft Entra, but
they serve different purposes:

  • Directory integrations handle user data sync. They tell Incode who
    your users are and what attributes they have.
  • IAM integrations handle authentication flows. They trigger
    verification sessions when a user signs in, resets credentials, or
    requires a higher-assurance check.

A directory integration is typically a prerequisite for IAM and other
integration types that rely on claims matching. See
IAM integrations for
the authentication-layer counterparts.

Updated 20 days ago