Skip to content

Users and user types

One of Coro’s key functions is to protect and monitor users within an organization who have accounts with connected cloud applications, such as Microsoft 365.

When an admin user connects their Coro workspace to a cloud application, Coro locates identifiable and accessible user accounts. These accounts are defined as protectable by Coro.

The admin user instructs Coro to protect protectable users, either by specifying individual user accounts, by selecting a known user group from the application's directory, or just instructing Coro to protect all identifiable and protectable users. Coro automatically applies protection to those users and monitors their activity within the connected application.


Coro identifies users by their email address. If a user uses different email addresses across different applications within the same organization, Coro might not be able to identify them as the same individual across all connected applications.

User categories in Coro

Category Description
All cloud app users All user accounts in a connected cloud application.
Protectable users Cloud application users identified as protectable. Coro considers a user account as protectable if there are no access restrictions or other reasons that might prevent Coro from applying protection.
Protected users Users that have been explicitly added to Coro for protection by a workspace admin user, either individually or as part of a user group from the cloud app. To learn more about how to add users for protection, see adding users for protection.
Admin users Privileged users that have access to the Coro Console to administer and monitor an organization's cyber protection, see admin users.


Users that fall into the category of protectable, yet have not been added for protection, can still be monitored and reported on within the Coro console. However, this is for informational use only. See viewing tickets.

Admin users

Administrators in Coro are referred to as admin users and each new subscription includes one initial admin user with super admin credentials to access the Coro console.

Admin users are, by definition of their privileged status, part of the set of protected users. This ensures that the administration of the workspace is not compromised.

In addition to managing and configuring all protection settings in a workspace, an admin user is generally responsible for:

Coro allows you to add additional admin users with various levels of access and authority depending on their assigned roles.

To learn more about admin users, see Managing admin users.