# Managed Integrations

For each Provider Data Integration, Cisco Identity Intelligence needs to collect various data types to surface specific user information or alert on certain checks. We are constantly adding new data types, which can be a burden for Admins to add manually and stay on top of. We developed Managed Integrations to automatically enable data types for your integrations so that you no longer need to continuously check your data integrations to enable newly added data types. \
\
This article will explain how managed data types appear when configuring a new integration, how to modifying an existing integration's data types, as well as the differences between having a managed or unmanaged integration, and required vs additional data types. 

### Creating a new data integration with managed data types

To create a new data integration:

1. Navigate to the **Integrations** tab within Identity Intelligence and select the blue **+ Add Integration button** on the right side of the screen
2. Select the data integration type you would like to configure (Okta, Azure, etc)
3. Fill in the require fields displayed on the General Settings tab and click the blue **Connect** button on this page

   <mark style="color:red;">**Note**</mark>**:** For most integrations, initial setup steps are required on the data integration side to create keys, secrets, etc needed to fill in the fields of the General Settings page. To learn more about what steps are needed for each specific data integration, refer to the documentation for the [desired integration](https://docs.oort.io/integrations)
4. Once you have clicked **Connect**, Identity Intelligence will test the connection to the integration to ensure the information provided is correct,  and will read the licenses/permissions associated with that data integration to determine what data types are available&#x20;
   1. The connectivity test can take a few minutes to run. All the information is saved, so you can leave this page and come back later if needed
5. <mark style="color:green;">**If the connectivity test is successful:**</mark> Your integration will be saved with the appropriate managed data types based on the licensing/permissions/etc detected for the integration. On the Integrations page, you will see **Connectivity: Successful** and **Collection Status: Success** in the table for the given integration.&#x20;
6. <mark style="color:red;">**If the connectivity test fails:**</mark> If you did not navigate away from this page during the connectivity test, you will see an error message. Review the data that was entered for each field on the General Settings page to make sure there are no mistakes. If there are no errors, click **Keep and Continue** to save the integration. On the Integrations page, you will see **Connectivity: Disconnected** and **Collection Status: Disabled** in the table for the given integration
   1. Click **Edit Settings** for the given integration on the **Integrations** tab
   2. Go to the **Advanced Settings** tab to review the data types. Here you may see some questions regarding license types, permissions,  API permissions, etc that have been filled out according to the integration data received during the connectivity test
   3. Adjusting the answer to any of these questions will change which managed data types are selected for the integration. If any answers are incorrect, fill in the correct answer and confirm the necessary permissions, etc are correctly configured on the data source side as well
   4. Click **Save**&#x20;

**For how to modify an existing integration,** [**jump to the section below**](#modify-an-existing-integration)**.**

### Managed vs unmanaged data integrations&#x20;

By default, all data integrations are managed integrations upon creation. You can determine if a data integration is managed or unmanaged by looking at the **Advanced Settings** page for that integration.

{% hint style="info" %}
We highly recommend keeping integrations in **managed** mode to save time and make sure you aren't missing out on any data!
{% endhint %}

If your integration is ***managed***, when Identity Intelligence adds a new data type for a specific integration, the data type will automatically be enabled and collected for you (assuming the integration has the necessary license, permissions, etc for this data type ).&#x20;

If your integration is ***unmanaged***, when Identity Intelligence adds a new data type for a specific integration, the data type will NOT be automatically enabled and collected. You will need to go to the specific Integration, select **Edit Settings**, go to the **Advanced Settings** tab for the integration and manually select each new data type to start collecting that data. Since new data types are added continuously, you will need to return to each integration page regularly to review any new data types that have been added and enable them.

To change a data integration to managed or unmanaged, use the toggle found on the **Advanced Settings** tab of each data integration.&#x20;

<figure><img src="https://582105988-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqPSBzsjxd7KYg9DNVZ4l%2Fuploads%2FXXL46ELLumdMyE10QjgT%2FScreenshot%202024-10-08%20at%202.47.09%E2%80%AFPM.png?alt=media&#x26;token=ecd08208-a7f1-4ff0-bf18-95adc96f5ca8" alt=""><figcaption></figcaption></figure>

### Required data types vs Additional data types&#x20;

Within each data integration, there can be **required data types** and **additional data types*****.***

**Required data types** are greyed out and cannot be disabled regardless of if the integration is [managed or unmanaged](#managed-vs-unmanaged-data-integrations). These are data types that must be enabled for the data integration to be configured and working properly. Identity Intelligence may add or remove new data types to the required data types, if needed.&#x20;

**Additional data types** are most often associated with the questions at the top of the **Advanced Settings** tab because the additional data types will vary depending on a given data source's licenses, permissions, etc. These questions are answered automatically based on the connectivity test results, but the responses can be modified if needed, which will impact which data types are collected automatically and visible on this page. &#x20;

{% hint style="info" %}
If the integration is not licensed for or doesn't have the correct permissions for a selected data type, you may see errors on the Integrations page noting that the data collection for that integration was not fully successful. If a data type is incorrectly enabled, Identity Intelligence will fail the data collection for *only* that disallowed data type, but will still collect for all other allowed data types.
{% endhint %}

<figure><img src="https://582105988-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqPSBzsjxd7KYg9DNVZ4l%2Fuploads%2Fjh9qYHvR7WKbBAGkW3fe%2FScreenshot%202024-10-10%20at%2011.14.49%E2%80%AFAM.png?alt=media&#x26;token=da6cd8d9-a1b3-4a20-8d52-ec9502a11832" alt="" width="563"><figcaption></figcaption></figure>

**Additional data types** will be greyed out and not editable if the integration is [managed](#managed-vs-unmanaged-data-integrations). If the integration is [unmanaged](#managed-vs-unmanaged-data-integrations), any additional data types will have a check box next to it, indicating that this data type can be modified.&#x20;

Though it is possible to deselect additional data types, ***we highly recommend not removing additional data types to ensure you are collecting as much information as possible for each user and to not impact any checks that may rely on this data.***&#x20;

<figure><img src="https://582105988-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqPSBzsjxd7KYg9DNVZ4l%2Fuploads%2FB82fYDA2LsrE6x6mA4f8%2FScreenshot%202024-10-10%20at%2011.18.03%E2%80%AFAM.png?alt=media&#x26;token=da921b7a-15da-4d3d-b842-6f226694ce92" alt="" width="563"><figcaption></figcaption></figure>

### Modify an existing integration's data types

Existing integrations can be modified via the Advanced Settings in a few ways related to this topic:

* Change an integration from managed to unmanaged, or vice versa, by using the toggle on the Advanced Settings tab to change between managed and unmanaged
* Add or remove additional data types by changing answer(s) to the questions and/or change integration to unmanaged to select/deselect any non-required data types (Note: Required data types cannot be removed)