Skip to main content

IT4U

IT Service Management

You can bring Incident data from IT4U into Brinqa to gain a unified view of your attack surface, thus strengthening your cybersecurity posture.

This document details the information you must provide for the connector to authenticate with IT4U and how to obtain that information from IT4U. See create a data integration for step-by-step instructions on setting up the integration.

Required connection settings

When setting up a data integration, select IT4U from the Connector dropdown. If you cannot find the connector in the dropdown, make sure that you have installed it first. You must provide the following information to authenticate IT4U with Brinqa:

  • Server URL: IT4U server URL (e.g., https://<server>).
  • Username: IT4U username for authentication.
  • Password: IT4U password for authentication.
  • Incident Source: Source identifier for incidents in IT4U.
  • SSL / TLS: Skip certificate verification for development environments.

The connector authenticates using Basic Authentication. It sends the provided username and password for secure connection.

Additional settings

The IT4U connector contains additional options for specific configuration:

  • Maximum retries: The maximum number of times that the integration attempts to connect to the IT4U API before giving up and reporting a failure. The default setting is 5.

Types of data to retrieve

The IT4U connector can retrieve the following types of data from the IT4U API:

Table 1: Data retrieved from IT4U

Connector ObjectRequiredMaps to Data Model
IncidentYesIncident
info

The IT4U connector does not currently support operation options for the types of data it retrieves.

For detailed steps on how to view the data retrieved from IT4U in the Brinqa Platform, see How to view your data.

Attribute mappings

Expand the sections below to view the mappings between the source and the Brinqa data model attributes.

Incident

Table 2: Incident attribute mappings

Source Field NameSDM Attribute
IncidentResource.affectedCVECVE_IDS
IncidentResource.affectedDevicesAFFECTED_DEVICES
IncidentResource.bodyBODY
IncidentResource.closeTimeCLOSE_TIME
IncidentResource.close_codeCLOSE_CODE
IncidentResource.close_notesCLOSE_NOTES
IncidentResource.complianceStateCOMPLIANCE_STATE
IncidentResource.createdAtSOURCE_CREATED_DATE
IncidentResource.descriptionDESCRIPTION
IncidentResource.displayUrlDISPLAY_URL
IncidentResource.eventSubTypeEVENT_SUB_TYPE
IncidentResource.eventTypeEVENT_TYPE
IncidentResource.externalIdEXTERNAL_ID
IncidentResource.externalNumberEXTERNAL_NUMBER
IncidentResource.externalStatusPROVIDER_STATUS
IncidentResource.externalStatusSOURCE_STATUS
IncidentResource.firstFoundFIRST_FOUND
IncidentResource.htmlBodyHTML_BODY
IncidentResource.idUID
IncidentResource.lastFoundLAST_FOUND
IncidentResource.lastUpdatedAtSOURCE_LAST_MODIFIED
IncidentResource.originAlertIdORIGIN_ALERT_ID
IncidentResource.ratingRATING
IncidentResource.remediationOwnerREMEDIATION_OWNER
IncidentResource.resultsRESULTS
IncidentResource.riskOwnerRISK_OWNER
IncidentResource.riskRatingRISK_RATING
IncidentResource.serviceIdSERVICE_ID
IncidentResource.serviceNameSERVICE_NAME
IncidentResource.serviceTypeSERVICE_TYPE
IncidentResource.startTimeSTART_TIME
IncidentResource.subjectSUBJECT
IncidentResource.timestampTIMESTAMP
IncidentResource.titleNAME
IncidentResource.updateTimeUPDATE_TIME
IncidentResource.workNotesWORK_NOTES
Generated (sync timestamp)LAST_CAPTURED

APIs

The IT4U connector uses the IT4U API. Specifically, it uses the following endpoints:

Table 3: IT4U API Endpoints

Connector ObjectAPI Endpoint
IncidentGET RRPS/External/{incidentSource}/List
GET RRPS/External/{incidentSource}/Details/{id}
POST RRPS/External/{incidentSource}/Create
POST RRPS/External/{incidentSource}/Update
POST RRPS/External/{incidentSource}/AddAttachment/{id}

Incident attachment push

The IT4U connector includes support for pushing a file attachment to an IT4U incident when a ticket is created or updated. When attachment data is supplied, the connector forwards it to IT4U's AddAttachment endpoint (POST RRPS/External/{incidentSource}/AddAttachment/{id}) using the following input attributes:

Table 4: Incident attachment input attributes

AttributeRequiredDescription
attachmentFileNameYesFile name of the attachment.
attachmentContentTypeYesMIME type of the attachment (e.g., image/jpeg, text/plain).
attachmentRawDataOne of raw / base64Raw (text) file content.
attachmentBase64DataOne of raw / base64Base64-encoded file content (for binary files).

A push requires attachmentFileName, attachmentContentType, and at least one of attachmentRawData or attachmentBase64Data. Attachment handling is best-effort: if the payload is invalid or the push fails, the incident is still created or updated and the failure is logged, so a bad attachment never blocks the ticket.

caution

This capability is implemented in the connector but is not yet usable end-to-end. The Brinqa Platform does not currently provide a way to send attachment data to a connector during incident create or update, so no attachment data reaches the connector today and this logic stays dormant — incident create, update, and sync behave exactly as they did before it was added. Once the platform adds support for pushing attachments to connectors, the feature will work with no further connector changes.

The attachment attribute names and the identifier used for the AddAttachment path are provisional, pending confirmation with IT4U.

Changelog

The IT4U connector has undergone the following changes:

Table 5: IT4U Changelog

VersionDescriptionDate Published
3.1.0New Features
- 'Incident attachment push (groundwork — not yet enabled by the platform):' The connector can now attach a file to an IT4U incident when a ticket is created or updated, forwarding a file name, content type, and file content (raw or base64) to IT4U's AddAttachment API.
'Not usable end-to-end yet.' The Brinqa platform does not currently provide a way to send attachment/file data to a connector during incident create/update, so no attachment data reaches the connector today. This logic stays dormant: when no attachment data is supplied (every case at present), incident create, update, and sync behave exactly as before. Once the platform adds support for pushing attachments to connectors, the feature works with no further connector changes.
- The Incident model now records a 'Last Captured' timestamp, indicating when Brinqa last retrieved each incident from IT4U during sync.
Improvements
- Incident fields now map to Brinqa's unified data-model attributes (name, description, results, first found, last found), so they populate the platform's standard fields directly.
- Affected CVEs now map to the standard CVE field, so incidents participate in CVE-based correlation and enrichment.
- The incident display name now uses the incident title (falling back to its identifier).
- Removed the redundant Status and Status Category attributes from the Incident model.
Migration Required
- 'Incident': several attributes were renamed to Brinqa's unified data-model attributes (name, description, results, first found, last found), affected CVEs now map to the standard CVE field, and the Status and Status Category attributes were removed. Re-sync the IT4U connector and review any field mappings that referenced the previous attribute names.
June 24th, 2026
3.0.3Improvements
- Connector-sourced attribute values now take precedence over non-connector data channels (manual edits, bulk imports, UI input) when the platform consolidates records, so IT4U data is no longer overridden by lower-priority sources.
Bug Fixes
- Corrected the Incident model's 'First found' and 'Last found' attributes to be stored as proper timestamps. The underlying API fields were read as text instead of timestamps (the other date fields were already handled correctly); they now deserialize to timestamps consistently.
Migration Required
- 'Incident': the 'First found' and 'Last found' attributes changed from text to timestamps. Re-sync the IT4U connector to repopulate incidents with the corrected types.
June 8th, 2026
3.0.1Initial Integration+ release.2026-05-19