Skip to main content

About Envoy

Iru reads visitor entry logs, invites, locations, and employee directory metadata via Envoy’s API using OAuth 2.0 (authorization code). Typical scopes include entry_logs.read, invites.read, locations.read, employees.read, plus refresh_tokens so Iru can rotate access tokens without repeated logins.

How It Works

Iru uses Envoy’s OAuth 2.0 authorization code flow. When you enable the source, a browser popup redirects to Envoy’s authorization server. You sign in, review scopes, and grant access; Envoy returns a code that Iru exchanges for an access token and refresh token.
DetailValue
CategoryVisitor management
AuthenticationOAuth 2.0
Typical plansPremium or Enterprise for API access
Official references: Developer hub, Authorization, Scopes.

Prerequisites

  • Admin or Global Admin in Envoy.
  • Browser popups enabled.

Connect Envoy to Iru

Complete this tab before you enable Envoy in Iru Compliance, so the right administrator completes OAuth.
1

Sign in to Envoy

Open your Envoy dashboard (for example dashboard.envoy.com or the URL your workplace uses) and sign in with Admin or Global Admin rights.
2

Confirm Premium or Enterprise API access

Envoy’s developer APIs require a plan that exposes the scopes Iru requests. Confirm your subscription matches Prerequisites in this article.
3

Review OAuth scopes

Skim Envoy authorization and Scopes so the consent screen matches your security review.
4

Allow pop-ups for Iru

In the browser profile you will use for Compliance, allow pop-ups for your Iru hostname so the Envoy OAuth window is not blocked.
Continue on the Iru Compliance tab.

Troubleshooting

Check pop-up blocker settings for the Iru site and try again.
Insufficient Envoy role - use Admin/Global Admin.
Standard plan may lack API - upgrade per Envoy licensing.
Deactivated admin - re-authorize with an active account.

Sources Management

Browse and manage every Compliance source.

Getting Started With Compliance

Frameworks, actions, and Artifacts.

Iru Overview

How Endpoint, Compliance, and Identity fit together.

Artifacts Management

Upload, review, and organize evidence from sources and actions.