Skip to main content
Version: Cloud

Identities

The Identities link in the navigation pane provides access to a comprehensive panel displaying all identities.

This panel includes various options to manage identities effectively. These options enable configuration of:

  • Columns: Select the columns to display in the identities list.

  • Filters: Filter by any column and specify the desired value.

  • Density: Choose between compact, standard, or comfortable views for displaying identities.

  • Export: Export the list as a CSV file or print it.

Identity grid view

Clicking the three dots button for each identity reveals actions that can be performed on that identity.

Multiple identities can be selected for batch deletion or recalculation.

Clicking an identity opens a detailed view, including access rights and history.

Revoking assignments

To revoke assignments, you need to have the Operation Administrator role or other role that has permissions to revoke. To assign such permissions to a role, go to Setup > Authorization Roles and select the target role (for example, Manager). Click Authorizations and navigate to the Service desk expandable list. Select the Revoke assignments checkbox.

Perform the following steps:

  1. From the identities list, click the identity to enter the detailed view. Navigate to the Access rights tab.

  2. Select one or more assignments by clicking the corresponding checkboxes.

  3. In the top right corner of the table, click the ellipsis (three dots), and then the Revoke assignment option.

  4. In the side panel, enter a reason (as a comment) for revoking the assignment. Comments are optional by default. You can change a customer setting to make it mandatory.

  5. Enter the date. If you enter the current date, revoke is instant and triggers a recalculation of the identity. If you select a future date, the change will come into effect at the selected time.

Once you save your changes, a snackbar message (a bubble message below the identities table) is displayed with the revoke status:

  • green - success
  • red - an error has occurred (you don't have sufficient permissions to revoke or you tried to only revoke assignments that can't be revoked)
  • yellow - one or more assignments can be revoked and one or more assignments cannot be revoked
  • blue - revokes with a future date

Access Rights tab

After selecting a particular identity, you can view their access rights.



When the list of access rights is long and diverse, it is easier to view it with the use of filtering, which includes custom drop-down lists and various lookup components.

To apply filters, click on FILTERS and select the item or items that you wish to filter by. You can choose a variety of lookup parameters such as resources, the compliance status, or the validity timeframes.

Some of the parameters require typing a particular name to filter by (accounts and violations), some offer a drop-down list to choose from (for example, resources and compliance statuses), and some are dates (valid to and valid from values).

You can also choose more than one filter at once: for example, you can look up access rights within a particular system and with a particular validity timeframe.

Assignment explorer

The assignment explorer feature will allow you to explore identity assignments. You can launch the assignments explorer from the Identity list view or via the Identity grid view dropdown action menu. The assignments explorer opens in a side panel, providing a hierarchical view of resource assignments associated with the selected identity.

Additionally, you can re-calculate the identity assignments and explore logs related to the identity calculations. To do that, click on the three dots button on the right upper corner of the assignment explorer to expand the dropdown menu, then you can select betweetn:

  • Recalculate: it triggers the re-calculation process in the background.
  • Calculation log: it displays the logs for the identity calculations.