PingOne Advanced Identity Cloud

Accounts

The accounts page provides a centralized location for managing all user accounts across your targeted applications, giving administrators and application owners the tools for efficient access governance.

This view streamlines account auditing and governance by giving application owners a single place to manage accounts without needing full application configuration permissions.

The accounts page where you can manage accounts across your configured applications.

What you can do

  • View and filter Accounts: View all accounts across all target applications. You can filter the list by application and by the account’s type (default for human users or machine for services).

  • Review account details: Access detailed information for any account.

  • Review correlated accounts: For correlated accounts (those linked to a user identity), you can review details, object properties, and entitlements.

  • Manage uncorrelated accounts: For uncorrelated accounts (those not linked to a user identity), you can change the account type to machine, review the account details, and its object properties.

  • Assign custodians for machine accounts: If you set an uncorrelated account to the machine type, you must assign custodians to own and manage the account as well as change the account subtype.

Filter or search for accounts

  1. On the Advanced Identity Cloud admin console, click Governance > Accounts.

  2. View the list of accounts across your applications.

  3. In the Filter by applications field, select an application type.

  4. In the Search field, enter an account name.

View account details

  1. On the Accounts page, click an account to view its details.

    The Details page displays the following sections:

    • Account Type: (Default or Machine).

    • Owner/User: User associated with the account (if correlated).

    • Account Details: Displays core account properties and attributes.

      Review the accounts details page

View object properties

The Object Properties tab provides a direct view of the technical attributes of the account as synchronized from the connected target application.

The page lists the specific, raw data fields pulled from the application, such as mail, displayName, givenName, surname, and group memberships like memberOf and others.

  1. On the Accounts page, click an account to view its details.

  2. Click the Object Properties tab. Review the properties for the account.

    View the account’s object properties.

View entitlements

The Entitlements tab displays all the specific access rights, roles, or group memberships that the account currently holds on the connected target application.

  1. On the Accounts page, click an account to view its details.

  2. Click the Entitlements tab. Review the entitlements for the account.

    View the account’s entitlements

Change the account type for uncorrelated accounts

  1. On the Accounts page, click Uncorrelated accounts.

  2. Review the accounts and click an account to view its details.

  3. If the account is for a service or application, click Change to Machine Account.

    Click the link to change the account type,

    1. In the Set Machine Account modal, select the following:

      • Custodians: Select or enter the custodians you want to assign to the machine account.

      • Account Subtype: Select the account subtype for the machine account.

    2. Click Save.

      Set the account type to `machine`.

Change the custodians or account subtype

  1. On the Accounts page, click Machine accounts.

  2. Select an account, and click Edit Machine Account.

    1. In the Update Machine Account modal, edit the following:

      • Custodians: Add or remove the custodians.

      • Account Subtype: Select an alternate account subtype for the machine account.

    2. Click Save.

      Update the machine account.