Login
    Contents x
    CSV Imports
    • 27 Jun 2024
    • 5 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    CSV Imports

    • Updated on 27 Jun 2024
    • 5 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    This guide will teach you how to import data from a ".csv" file in Clarity Security.  This is useful for loading new data or providing updates to data sets for applications that do not exist in the Marketplace or have no API connection available.

    Estimated time to complete: 10 minutes

    Before you begin:

    To successfully import data from a .csv into Clarity Security,  you'll need the following pre-requisites before you begin:

    1. Properly formatted .csv file for import into clarity with UTF-8 text encoding. In Microsoft Excel "Save As..." is called: "CSV UTF-8 (comma delimited)(.csv)"

    2. Admin access within your Clarity Security tenant

      1. If you are a full admin in Clarity Security and get a permission error when trying to add a new application, reach out to support@claritysecurity.io.

    Importing Data from a CSV

    1. Log in to Clarity Security and click Applications

    2. Click the "Import Data from Files" button

      1. Find the "Import Data from Files" button near the top of the page.

    ALTTEXT

    1. For new apps, use the bottom of the form. To import into an existing app, use the top portion.

    ALTTEXT

    1. Choose Between Complete and Partial
    Data Import Type
    • Complete will include all relevant data you need to import, and will update or remove existing records based on the data included in the import.
    • Partial is used when importing partial datasets, or updating and adding to the existing data in the app.
    1. Select your file(s) and then click Upload Files (2)
      1. You can drag and drop the file into the Upload Files (1) field, or select Choose Files (1) to browse your device.

    ALTTEXT

    1. Select the Type of Data included in the CSV
      1. Your options include Identity, Entitlements, or Identity-Entitlements to indicate what type of data is included in the CSV.
      2. Choosing the Type will load the first two rows of CSV data, excluding headers if you check the option for First row contains column headers.
    Note
    • Select Identity if you are importing a user list with no Entitlement information.
    • Select Entitlements if you are importing a list of roles, policies, teams, or entitlements with no identity information.
    • Select Identity-Entitlements if you are importing a list of users with access to a given application.
    • Select Entitlement-Entitlement if you are importing a list of nested entitlements and their Parent + Child relationship.

    ALTTEXT

    ALTTEXT

    1. Map the Fields you want to Import

    ALTTEXT

    Using Name or Email in place of ID
    • When the option is selected, an Email Address can act as the Unique User ID in the application, if there is not a Unique User ID present for Identity Imports.
    • Additonally the Entitlement Name can be used for the Unique Entitlement ID in the application for Entitlement Imports.

    1. Verify the requirements have been met for your CSV import.

      1. More information on required fields can be found below.

    2. Validate Your Selections and Save and Process the Import

    The requirements for each type of CSV Import:

    Required Fields for Users Only Import

    • ID in Application
    • Full Name or First & Last
    • Email

    Required Fields for Entitlements only Import

    • ID in Application
    • Name
    • Type

    Required Fields for Users + Entitlements Import

    • ID in App of Identity
    • ID in App of Entitlement
    • Entitlement Type

    Required Fields for Entitlement - Entitlement (Parent + Child) Import

    • ID in App of Parent Entitlement
    • Parent Entitlement Name
    • ID in App of Child Entitlement
    • Child Entitlement Name

    Special Notes for Mappable Fields:

    Not all fields are available for every type of data import

    Field NameSpecial Notes
    Ignore FieldThis is the default, use this option for any data you don't want to import.
    ID in App of IdentityThis is a unique identifier used in the application
    ID in App of EntitlementThis is the unique identifier or name of the entitlement from the application.  Some applications like AD groups have a unique identifier as well as a name (GUID vs. the object name "Development Team".  If your entitlement does not have a separate identifier, then use the checkbox "Entitlement Name is the unique Entitlement ID in the Application" to use the name for both fields.
    Full Name or First & Last NameYou only need to provide the full name field, or the first and last name field to satisfy the name import.
    EmailThis is the email for the Identity.  If this is your unique identifier, use the checkbox in the top right to indicate this.
    ActiveUse this field for data that indicates if the identity is active or inactive (Possible Values for true: 1, 'yes', 'Yes', 'YES', 'Y', 'y', 'ACTIVE', 'Active', 'active', 'True', 'true', 'TRUE', all other values would be interpreted as false). If you do not provide a field for this, it will be assumed active for all users.
    Identity StatusThis would be a field that helps describe their active/inactive status, however, this field is not used to determine the user's active or inactive status. Examples would include "Leave of Absence", "On Leave", etc.
    Supervisor IdentiferThis option is used for providing the identifier for the Identity's supervisor.
    AttributeUse this option to open a field for typing a custom attribute name.
    Permission (options list)An entitlement is found on the user object where each user has a single value for this column.
    Permission (true/false)An entitlement is found on the user object where the value in the column is either true or false.  Clarity determines the user has the entitlement if the value is true only.  Possible Values for true: 1, 'yes', 'Yes', 'YES', 'Y', 'y', 'ACTIVE', 'Active', 'active', 'True', 'true', 'TRUE', all other values would be interpreted as false.
    Entitlement NameThis field is for the name of the entitlement. Examples of this would be the group name, license name, policy name, role name, etc.
    Entitlement TypeThis field helps you provide helpful information about the entitlement.  Entitlements can be groups, licenses, policies, roles, etc.  This field is required if you are importing entitlements.
    High RiskThis field is used to indicate if an entitlement is a High Risk.  This is a flag in Clarity that you can perform Access Reviews filtering with. Possible Values for True: 1, 'yes', 'Yes', 'YES', 'Y', 'y', 'High Risk', 'high risk', 'Highrisk', 'highrisk', 'true', 'True', 'TRUE', all other values would be interpreted as false.
    DefinitionThis field can be used to populate the definition field for entitlements in Clarity.  Definitions act as the explanation of what an entitlement provides in its application.  This is extremely helpful when an entitlement is an acronym or shorthand that an access reviewer may not recognize.
    Entitlement Owner IDThis field is used to provide an owner's unique identifier for an entitlement.  In Clarity, the owner of an entitlement is an indication of who is responsible for this access.  Access Reviews can be sent to entitlement owners as well as many other options.  This can be modified in the Clarity UI after import.

    Need Help?

    If you have any problems, contact your customer success team. You can also get in touch with our general support via email, open a support ticket. Our general support team is available Monday - Friday from 8:00 AM - 6:30 PM CST.

    Was this article helpful?
    What's Next
    Identity Governance Made Easy.
    Platform
    Use Cases
    Resources
    Connect With Us
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout