PingOne Advanced Identity Cloud

View the user-access graph

The user-access graph provides a read-only view of an end user’s access. It visualizes the links between an end user and their types of access, such as roles, applications, or entitlements. You can filter, zoom, and expand identity or object nodes in the graph.

The user-access graph is a feature of the Identity Governance add-on capability for Advanced Identity Cloud.

View user access

  1. In the Advanced Identity Cloud admin console, go to Identities > Manage.

  2. Search for and select a user.

  3. On the user’s Details tab, click View User Access.

    User access graph showing relationships between a user, roles, applications, and entitlements with filter controls.
  4. View the user-access graph.

    An example of the user-access graph that that displays the connections between a user’s access to roles, applications, and entitlements.

    You can filter the graph by access type, such as roles, applications, or entitlements. Use the left navigation pane to find uncertified or role-based access items. You can also filter for conditional or direct roles, applications, or specific entitlements.

    When you click a specific role, application, or entitlement on the graph, its details appear in the right pane. For example, clicking an account under Application displays its associated entitlements graphically and the account details in the right pane.

    The left pane of the user-access graph page displays access filters for certification status, conditional or direct roles, applications, and entitlements.