PingOne Advanced Identity Cloud

About reports

Advanced Identity Cloud provides a reporting infrastructure to help you gain better insights into your IAM activities. The reports cover a wide range of services including application access, IDM syncs, journeys, user statistics to assist in making critical business decisions and monitor compliance policies.

Tenant administrators can use the Reports page to view template drafts, view previous report runs, and generate new reports. You can also export the reports as a CSV or JSON file for further analysis.

reports dashboard no newreport

  • 1 On the Advanced Identity Cloud admin UI, click Reports to access Advanced Identity Cloud reports. All Advanced Identity Cloud customers (new or existing) get access to the out-of-the-box reports.

  • 2 Enter a report name, case-insensitive, to search for a report.

  • 3 Click Run on any report to generate a reporting run.

  • 4 Click ellipsis (), and then click Run History to view the report, export the file, and view information about past reporting runs.

Important tips for reports

  • Out-of-the-box reports: There are 15 out-of-the-box reports available to your company. Two additional reports are available for those who have the Identity Governance[1] service. Only tenant administrators can access and run the out-of-the-box reports.

  • Report states: Each report has two states:

    • Draft: A staging state to validate a report before publishing. For a report to be live, you must publish it.

    • Published: The report is read-only and live.

  • Reports creation: You can create reports using the following:

    • Reports page: An intuitive extension to the Advanced Identity Cloud admin UI

    • REST APIs

  • Report formats: Reports can be exported in JSON or CSV format.

  • Report results: For out-of-the-box reports, the backend streams events at set intervals, for example, 15 and 45 minutes, which could cause a delay in the report results. For near real-time reporting, learn about the Advanced Reporting feature.

  • Query data restrictions: Tenant administrators can only query data from the most recent 30 days for certain reports. The query limits apply to both draft and published reports.

    Reports that cover the following AM entities and some IDM operations are subject to this 30-day data restriction:

    • Journeys

    • Nodes

    • AM access attempts

    • AM access outcomes

    • IDM synchronization

    • IDM reconciliation

    Reports that cover the following topics are excluded from the query limit restrictions:

    • Identities and their attributes

    • Relationships like entitlements, roles, organizations (current state or historical snapshots)

    Reports covering the current state of an object and its relationships are always available, even if changes or assignments occurred before the restricted query period. However, if a history change trail is needed in a report, it will be subject to the query limitation.

Manage reports

Generate and view reports using the Advanced Identity Cloud admin UI

Use the Advanced Identity Cloud admin UI reports page to generate the pre-configured reports or run a history for a particular reporting run.

Run and view a report

  1. Log in to the Advanced Identity Cloud, and then click Reports.

  2. Select a report, and then click Run.

  3. For a specific report, enter or select the parameter values in the report.

  4. Click Run Report.

  5. Click the Run History tab, do the following:

    • Click View Report to view the report.

    • Click to export the report as JSON or CSV.

    • Click the ellipsis (), and then click Run Details to view information about the reporting run.

      After you generate a report, the report is available for download and view for 24 hours. If you have downloaded the report, the same report is available for additional downloads for 30 days.

      Data is stored in the Advanced Identity Cloud for 30 days for general Advanced Identity Cloud customers. For customers who have the advanced reporting add-on capability, application report data is stored for 90 days.
      reports download button

      • 1 Started: Date and time the reporting run started.

      • 2 Status: If the reporting run is successful, the Status displays Complete; if it fails, Error.

      • 3 Click View Report to open it.

      • 4 Click the download icon () to export the report as JSON or CSV.

      • 5 Click ellipsis () to view the run history details.

Available reports

Advanced Identity Cloud provides the following out-of-the-box report types:

Activity:

End user insights:

Journey:

Managed object:

Governance[1]:

Active users report

The active users report provides a unique user count with at least one activity like sign-in, set or update password, or token requests.

This report has a data query limit depending on your add-on capabilities:

  • Customers using out-of-the-box reports: Reports cover the latest 30 days.

  • Customers who have the Advanced Reporting add-on capability: Reports cover the latest 90 days.

The report can be used to understand the count of unique users interacting with Advanced Identity Cloud during go-live or new application onboarding events.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 days

  • Last 30 days

  • Custom

The report output contains the following columns:

Field Description

Report From

Start date for the report.

Report To

End date for the report.

User Activity Count

Number of unique user activity events like sign-in, set or update password, or access token requests.
reports user count by activity

Application access for OAuth report

The application access for OAuth report provides a history of who and how many users accessed an application associated with an OAuth2 client in the realm for a given time period.

This report has a data query limit depending on your add-on capabilities:

  • Customers using out-of-the-box reports: Reports cover the latest 30 days.

  • Customers who have the Advanced Reporting add-on capability: Reports cover the latest 90 days.

The report helps understand the list of users who access Advanced Identity Cloud using the access details.

Currently, only OAuth2 client IDs are supported. The application name cannot be used for the query.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 days

  • Last 30 days

  • Custom

OAuth2 Applications

Select one or more applications.

Users

Select one or more users who accessed the application.

The report output contains the following columns:

Field Description

OAuth2 Applications

Select OAuth2 application(s) for the report.

Users

Select users for the report.

Report From

Start date for the report range.

Report To

End date for the report range.

Event Time

Date and time when the application was accessed.

User Name

Selected username for the report.

User Id

UUID of the user who access the application.

Application Name

Selected application name for the report.

Scope

Scope of the authentication.

Token Type

Type of access token.

Status

Status of the operation:

  • SUCCESSFUL

  • FAILED
reports application access

Administrator activity report

The administrator activity report provides a history of tenant administrator creation and update activities on identities for a given time period.

The report is useful as an audit report of all end user profile changes made by a tenant administrator.

Currently, only tenant administrator activity on identities is supported.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 days

  • Last 30 days

  • Custom

The report output contains the following columns:

Field Description

Report From

Start date for the report.

Report To

End date for the report.

Entity

Tenant.

Operation

Type of operation.

Timestamp

Timestamp of the operation.

Admin

Name of the admin running the operation.
reports tenant admin activity

IDM sync report

The IDM sync report provides an error report of user sync activities for a given time period.

This report has a data query limit depending on your add-on capabilities:

  • Customers using out-of-the-box reports: Reports cover the latest 30 days.

  • Customers who have the Advanced Reporting add-on capability: Reports cover the latest 90 days.

The report is useful to understand the errors that occurred during provisioning.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 days

  • Last 30 days

  • Custom

The report output contains the following columns:

Field Description

Report From

Selected campaign name for the report.

Report To

Selected status for the report.

User Name

Username who ran the sync operation.

Application Name

Name of application for the report.

Action

Type of action for the Advanced Identity Cloud sync.

Message

Any comments attached to the reports.

Exception

Any exceptions discovered during the sync.

Event Time

Date and time of the sync event.
reports idm sync error

User count by status report

The user count by status report provides the number of users in an active, inactive, or blocked status.

The report can be used to query on more than one status to provide an aggregated count. To get numbers for each status, run multiple reports.

The report options are:

Field Description

Status

Select a status option:

  • Active

  • Inactive

  • Blocked

The report output contains the following columns:

Field Description

Status

Selected status to include in the report.

Count

Number of users with the selected status.
reports user count by status

User last login report

The user last login report lists the users in a particular status, along with their last login time.

This report has a data query limit depending on your add-on capabilities:

  • Customers using out-of-the-box reports: Reports cover the latest 30 days.

  • Customers who have the Advanced Reporting add-on capability: Reports cover the latest 90 days.

The report is based on the successful journey completion of the selected journeys. The report can be used to get the journey names designated as login journeys.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 days

  • Last 30 days

  • Custom

Status

Select a status option:

  • Active

  • Inactive

  • Blocked

Journeys

Enter or select one or more journeys.

The report output contains the following columns:

Field Description

Account Status

Status included in the report.

Journeys

Journeys tracked in the report.

Report From

Start date for the report.

Report To

End date for the report.

Last Name

Surname of the user.

First Name

First name of the user.

User Name

Username of the user.

JourneyName

Journey name for the last login.

Timestamp

Timestamp of the last login.
reports user last login

User current access report

The user current access report lists a user’s current assigned applications, organizations, and role assignments.

Currently, the report is only available in JSON format.

The report options are:

Field Description

Users

Select one or more users who may have accessed the application.

The report output contains the following columns:

Field Description

Users

User selected for the report.

User Name

Username of the user.

First Name

First name of the user.

Last Name

Surname of the user.

Role Names

Any role names assigned to the user.

Application Names

Application name of the accessed resource.

Org Names

Organization name of the user who accesses the resource.
reports user access details

Journey usage report

The journey Usage report provides a count of the times one or more journeys completed in a period of time with a particular status.

This report has a data query limit depending on your add-on capabilities:

  • Customers using out-of-the-box reports: Reports cover the latest 30 days.

  • Customers who have the Advanced Reporting add-on capability: Reports cover the latest 90 days.

The report can be used to query on more than one outcome to provide an aggregated count. To get numbers for each outcome, run multiple reports.

This report only includes information about the main journey. It doesn’t include details about child/inner journeys. To view child/inner journey details, run the Journey node history report.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 days

  • Last 30 days

  • Custom

Outcomes

Select a journey outcome:

  • Successful: Select journeys that ended successfully.

  • Failed: Select journeys that failed.

  • Continue: Select journeys that are in a pending state, such as waiting for user input in a multifactor authentication (MFA) journey.

Journeys

Select one or more journeys for the report.

The report output contains the following columns:

Field Description

Journeys

Journeys tracked in the report.

Outcomes

Outcome of the journey covered in the report:

  • SUCCESSFUL

  • FAILED

  • OUTCOME

Report From

Start date for the report.

Report To

End date for the report.

User Name

Username for the person owning the journey.

Journey Name

Name of the journey.

Count

Number of journeys for the user.
reports user journey stats

User journey usage report

The user journey Usage report lists the number of times a user completed or did not complete a journey.

This report has a data query limit depending on your add-on capabilities:

  • Customers using out-of-the-box reports: Reports cover the latest 30 days.

  • Customers who have the Advanced Reporting add-on capability: Reports cover the latest 90 days.

The report can be used to query on more than one outcome to provide an aggregated count. To get numbers for each outcome, run multiple reports.

This report only includes information about the main journey. It doesn’t include details about child/inner journeys. To view child/inner journey details, run the Journey node history report.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 days

  • Last 30 days

  • Custom

Outcomes

Select a journey outcome

  • Successful: Select journeys that ended successfully.

  • Failed: Select journeys that failed.

  • Continue: Select journeys that are in a pending state, such as waiting for user input in a multifactor authentication (MFA) journey.

Journeys

Select one or more journeys for the report.

The report output contains the following columns:

Field Description

Journeys

Selected journeys included in the report.

Outcomes

Selected outcomes included in the report.

Report From

Start date for the report.

Report To

End date for the report.

Username

Username of the user who ran the journey.

Journey Name

Name of the journey.

Count

Number of times the user ran the journey successfully or not.
reports user journey stats

Journey node usage report

The journey node usage report provides the count and details of nodes traversed by a user for one or more journeys for a given time period.

This report has a data query limit depending on your add-on capabilities:

  • Customers using out-of-the-box reports: Reports cover the latest 30 days.

  • Customers who have the Advanced Reporting add-on capability: Reports cover the latest 90 days.

The report shows when a user used a journey, such as One Time Password (OTP), in a given time period and when the user last used the journey.

This report only includes information about the main journey. It doesn’t include details about child/inner journeys. To view child/inner journey details, run the Journey node history report.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 days

  • Last 30 days

  • Custom

Journeys

Select one or more journeys for the report.

The report output contains the following columns:

Field Description

Journeys

Selected journey(s) for the report.

Report From

Start date for the report.

Report To

End date for the report.

Journey Name

Name of the journey.

Journey Status

Status of the journey.

User Name

Username for the person running the report.

Node Name

Name of the specific node.

Node type

Type of node.

Node Outcome

Outcome of the node: true, false, or outcome.

Node Usage Count

Number of times the node was used.

Last Usage

Date and time of the latest node usage.
reports journey node usage

User journey history report

The user journey history report provides a history of all journeys one or more user(s) completed for a given time period.

This report has a data query limit depending on your add-on capabilities:

  • Customers using out-of-the-box reports: Reports cover the latest 30 days.

  • Customers who have the Advanced Reporting add-on capability: Reports cover the latest 90 days.

The report can be used to understand when one or more users have registered, logged in, or reset their password.

This report only includes information about the main journey. It doesn’t include details about child/inner journeys. To view child/inner journey details, run the Journey node history report.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 day

  • Last 30 days

  • Custom

Users

Select one or more users who may have accessed the application.

The report output contains the following columns:

Field Description

Users

Selected users for the report.

Report From

Start date for the report range.

Report To

End date for the report range.

Users

Selected users for the report.

Journey Name

Name of the journey.

Journey Result

Displays the result of the journey: SUCCESSFUL or FAILURE.

Timestamp

Date and time for the journey.
reports journey history

Journey node history report

The journey node history report provides a history of a user’s journey and nodes traversed for a given time period.

This report has a data query limit depending on your add-on capabilities:

  • Customers using out-of-the-box reports: Reports cover the latest 30 days.

  • Customers who have the Advanced Reporting add-on capability: Reports cover the latest 90 days.

The report can be used to understand login or churn issues. To understand a user’s journeys and node traversal history, download the report and filter on the user.

The report options are:

Field Description

Timeframe

Select a report time frame:

  • Today

  • Yesterday

  • Last 7 days

  • Last 30 days

  • Custom

Journeys

Select one or more journeys for the report.

The report output contains the following columns:

Field Description

Journeys

Selected journey(s) for the report.

Report From

Start date for the report.

Report To

End date for the report.

Tracking Id

Tracking ID for the journey.

Journey Name

Name of the journey.

Journey Status

Selected journey status.

User Name

Username for the person running the report.

Timestamp

Date and time.

Node Details

Node details used in the journeys:

  • Node Type. Type of node in the journey.

  • Node Name. Name of the node in the journey.

  • Node Event Time. Date and time of the node event.

  • Node Outcome. Outcome of the node, depending on the node type.
reports journey node history

Role composition report

The role composition report provides a list of roles and their metadata.

Field Description

None

Click Run to generate the report.

The report output contains the following columns:

Field Description

Role Name

Name of the role.

Description

Description for the role.

Temporal Constraints

Any time-limited constraints for the assigned role.
reports role composition

Role membership report

The role membership report provides a list of roles and their associated members.

The report options are:

Field Description

Roles

Enter one or more roles for the report.

The report output contains the following columns:

Field Description

Roles

Selected roles for the report.

Role Name

Name of the role.

User Name

Username of the user assigned the role.

First Name

First name of the user assigned the role.

Last Name

Surname of the user assigned the role.

Email

Email address of the user assigned the role.
reports role membership

Organization membership report

The organization membership report provides a list of the organizations in your company and their associated members.

The report options are:

Field Description

Organizations

Enter one or more organizations.

The report output contains the following columns:

Field Description

Organizations

Selected organizations for the report.

Org Name

Name of the organization.

User Name

Username of a user in the organization.

First Name

First name of user in the organization.

Last Name

Surname of the user in the organization.

Email

Email address of the user in the organization.
reports org users report

Campaign composition report

The campaign composition report[1] provides information on the filters and attributes of campaigns.

The report options are:

Field Description

Campaign Name

Enter the name of the campaign.

Campaign Status

Select one of the following:

  • In-progress

  • Signed-off

The report output contains the following columns:

Field Description

Campaign Name

Selected campaign name for the report.

Campaign Status

Selected status for the report.

Campaign Id

ID associated with the campaign.

Description

Description of the campaign.

Certification Type

Type of certification:

  • Identity

  • Entitlement assignment

  • Role membership

Escalation Notification

Notification for any escalation actions.

Owner

Owner of the certificate.

Status

Selected status for the report:

  • in-progress

  • expiring

  • overdue

Create Date

Date and time the campaign was created.

Target Filter

Filter made on the campaign.
reports campaign details

Campaign status report

The campaign status report[1] provides the decision details along with reviewer information for a campaign.

The report options are:

Field Description

Campaign Name

Enter the name of the campaign.

Campaign Status

Select one of the following:

  • In-progress

  • Signed-off

The report output contains the following columns:

Field Description

Campaign Name

Selected campaign name for the report.

Campaign Status

Selected status for the report.

Certification Name

Name of the certification.

Campaign Id

ID associated with the campaign.

User Name

Selected username for the report.

Account Name

Account name for the user.

Application Name

Selected application name for the report.

Type

Type of campaign.

Entitlement Name

Entitlement name if the campaign involves access to an entitlement.

Decision

Campaign decision:

  • certify

  • revoke

  • exception

Decision By

Reviewer who made the certification decision.

Completed By

User who completed the certification decision.

Completion Date

Date of the certification completion.

Decision Data

Date and time when the decision was made.

Comments

Any comments entered for the campaign.
reports campaign decision details

Advanced Reporting

Advanced Reporting lets you create custom reports on activity in your Advanced Identity Cloud tenant environment. You can query a number of metrics to create useful reports for your company.

Advanced Identity Cloud add-on capability

Contact your Ping Identity representative if you want to add Advanced Reporting to your PingOne Advanced Identity Cloud subscription. Learn more in Add-on capabilities.
Important tips for Advanced Reporting

  • The Advanced Reporting feature has the following features:

    • Supports detailed entity relationships to enable a variety of join operations.

    • Allows user-specified query parameters to be included dynamically at runtime.

    • Provides a wide range of operators to meet different query requirements.

    • Supports aggregate operations on the resulting dataset.

    • Restricts data access by assigning reports to specific users or a designated report_viewer group.

    • Supports report duplication to extend or modify existing queries.

  • Advanced Reporting custom reports can only be assigned to end users.

  • Users must be assigned to the report_viewer group to run and access custom reports.

  • Advanced Reporting continuously streams data from Advanced Identity Cloud, resulting in near-real time report results (approximately a minute behind real time).

  • Query Limits: For customers who have the advanced reporting add-on capability, the tenant administrators can query data from the most recent 90 days for reports that cover AM entities and some IDM operations (sync and recon). The query limits apply to both draft and published advanced reports.

  • Use case: Learn more about advanced reporting at Creating a custom report using Advanced Reporting

Assign report_viewer group

Advanced Identity Cloud provides a group to which users can be assigned to access custom reports.

Group Capability

report_viewer

A user with this group can do the following:

  • View and run all custom reports.

  • View and run all published custom reports allowed for the report_viewer group.

Add a user to the report_viewer group

  1. In the Advanced Identity Cloud admin UI, go to Identities > Manage.

  2. On the Manage Identities page, click Alpha-name - Groups.

  3. Click New Alpha realm - Group.

  4. On the New Alpha realm - group modal, enter the following:

    • Name: Enter report_viewer.

    • Description: Enter a general description for the group.

    • Click Next.

  5. On the Dynamic Alpha realm - group Assignment modal, click A filter for conditionally assigned members if you want to add a filter.

    1. Select Any or All conditions that must be met to assign to a user.

    2. Select a property, such as username, first name or others for your condition.

    3. Select an operator, such as contains, does not contain, or others for your condition.

    4. Enter a property value.

    5. Click plus:icon[] to add the condition to your filter.

  6. Click Save.

Create custom reports using Advanced Reporting

  1. In the Advanced Identity Cloud admin UI, click New Report.

  2. On the New Report modal, enter the following properties, and then click Next:

    Field Description

    Name

    Name of the report. Follow the naming conventions established by your company.

    Description

    Optional. Enter a description describing the report.

    Who Can Run

    Click to set who can run this report.

    Groups:

    • Report Viewer

    Users:

    • Select the users who can run this report. To select a user, you must have assigned the report_viewer group permissions to the user from the Manage Identity page.

  3. Next, add a data source or select an existing data source:

    1. Click Data Source.

    2. On the Add a Data Source modal, select a data source to use in this report, and then click Next:

      Click to review the data sources:

      • am_access_outcome

      • idm_config

      • idm_sync

      • roles

      • idm_recon

      • users

      • orgs

      • node_events

      • applications

      • idm_activities

      • governance_data[1]

      • journey_events

      • governance_decision_events[1]

      • campaign_details[1]

      • campaign_decision_details[1]

  4. Next, select the columns in the report in the right pane for your report result. Each data source can have different attributes. When you click an attribute, the column appears on the main window.

  5. Click the plus icon () to define parameters that the end user provides or extracted from the end user profile while running the report:

    1. On the Add a Parameter modal, enter the following fields:

      Field Description

      Name

      Name of the parameter or profile attribute. Also, the name appears on the filter attribute list.

      Parameter Type

      User provided parameter or a profile attribute.

      Input Label

      Label for parameter that appears when you do a reporting run.

      Input Type

      Options are:

      • String

      • Boolean

      • Integer

      • Float

      • Date

      Help Text

      Optional. Enter any help text for the parameter.

      Multivalued

      Click Multivalued to allow the end user to provide multiple values while running the report.

      Enumerated Values

      Click Enumerated Values if the property is an enumerated value. This property creates a drop-down list for the end user to select a value when running the report.

    2. Click Save.

  6. Next, click Filters to specify data source attributes for report filtering:

    Click to review the filtering options:
    Field Description

    Any|All

    Select Any or All conditions that must be met for the filters.

    Value

    List of attributes in the selected data source, including any custom attributes.

    Connectors

    Options are:

    • contains

    • does not contain

    • greater than or equal to

    • equals to

    • not equals to

    • less than or equal to

    • less than

    • greater than

    • starts with

    • ends with

    • not starts with

    • not ends with

    • is null

    • is not null

    Literal|Variable

    Value. End user provided variable. Select a value from the data source attributes or a property value passed by the end user during the report run.

    1. Click Save. A Filter active message with a checkmark appears.

  7. Click Aggregate to define aggregated data counts:

    1. On the Add an Aggregate modal, enter the following:

      Field Description

      Name

      Enter a descriptive label for the aggregate.

      Type

      Options are:

      • Count of specific rows

      • Sum of specific rows

      • Distinct count of specific rows

      Value

      Enter a value for the aggregate.

    2. Click Save.

  8. Click Sorting to sort the data tables in the report:

    1. On the Sort Data By modal, enter or select the following properties:

      Field Description

      Sort by

      Provided a list of attributes from the selected data source.

      Sort order

      Select the sort order for your data. Options are:

      • Ascending

      • Descending

    2. Click Save.

  9. Click Save at the top of the report. Your report draft appears on the Reports page and is only visible to the report template creator.

    reports custom

    • 1 Click New Report to create a custom report.

    • 2 Search for a report.

    • 3 Click Run to generate a reporting run.

    • 4 Click ellipsis () to publish the draft, view the reporting run history, edit, duplicate, or delete the draft.

Entities and attributes available in advanced reporting

The following entities and attributes are available to tenant administrators when creating advanced reports:

Entity Attributes Query Limited?

Users

  • Account Status

  • City

  • Common Name

  • Consented Mappings

  • Country

  • Description

  • Display Name

  • Email Address

  • Generic Indexed Date 1

  • Generic Indexed Date 2

  • Generic Indexed Date 3

  • Generic Indexed Date 4

  • Generic Indexed Date 5

  • Generic Indexed Integer 1

  • Generic Indexed Integer 2

  • Generic Indexed Integer 3

  • Generic Indexed Integer 4

  • Generic Indexed Integer 5

  • Generic Indexed Multivalued 1

  • Generic Indexed Multivalued 2

  • Generic Indexed Multivalued 3

  • Generic Indexed Multivalued 4

  • Generic Indexed Multivalued 5

  • Generic Indexed String 1

  • Generic Indexed String 2

  • Generic Indexed String 3

  • Generic Indexed String 4

  • Generic Indexed String 5

  • Generic UnIndexed Date 1

  • Generic UnIndexed Date 2

  • Generic UnIndexed Date 3

  • Generic UnIndexed Date 4

  • Generic UnIndexed Date 5

  • Generic UnIndexed Integer 1

  • Generic UnIndexed Integer 2

  • Generic UnIndexed Integer 3

  • Generic UnIndexed Integer 4

  • Generic UnIndexed Integer 5

  • Generic UnIndexed Multivalued 1

  • Generic UnIndexed Multivalued 2

  • Generic UnIndexed Multivalued 3

  • Generic UnIndexed Multivalued 4

  • Generic UnIndexed Multivalued 5

  • Generic UnIndexed String 1

  • Generic UnIndexed String 2

  • Generic UnIndexed String 3

  • Generic UnIndexed String 4

  • Generic UnIndexed String 5

  • Given Name

  • Id

  • Last Name

  • Password Expiration Date

  • Password Last Changed Time

  • Postal Address

  • Postal Code

  • Preferences

  • Realm

  • State Province

  • Telephone Number

  • Update Date

  • User Name

N

Roles

  • Condition

  • Creation Date

  • Object Id

  • Realm

  • Role Description

  • Role Name

  • Temporal Constraints

  • Update Date

N

Organizations

  • Creation Date

  • Id

  • Org Name

  • Realm

  • Update Date

N

Applications

  • Application Name

  • Authoritative

  • Connector ID

  • Creation Date

  • Id

  • Mapping Names

  • Realm

  • Template Name

  • Update Date

N

Journeys

  • Component

  • Event Name

  • IP Address

  • Journey Name

  • Journey Result

  • Principal

  • Realm

  • Source

  • Timestamp

  • Tracking Ids

  • Transaction Id

  • User Id

Yes

Nodes

  • Component

  • Event Name

  • Journey Name

  • Node Event Time

  • Node Id

  • Node Name

  • Node Outcome

  • Node Type

  • Principal

  • Tracking Ids

  • Transaction Id

  • User Id

Yes

AM Access Outcome

  • Application Name

  • Component

  • Event Name

  • Event Time

  • Http Request Method

  • Http Request Path

  • Http Request Secure

  • IsActive

  • Realm

  • Request

  • Resource Owner Id

  • Scope

  • Status

  • Token Type

  • Transaction Id

  • User Id

  • User Name

Yes

AM Access Attempt

  • Component

  • Event Name

  • Event Time

  • Http Request Method

  • Http Request Path

  • Http Request Secure

  • Object Id

  • Realm

  • Status

  • Token Type Hint

  • Transaction Id

  • User Id

Yes

IDM Sync

  • Action

  • Event Time

  • Exception

  • Mapping

  • Message

  • Realm

  • Situation

  • Source Object

  • Status

  • Target Object

Yes

IDM Recon

  • Action

  • Event Time

  • Exception

  • Mapping

  • Message

  • Realm

  • Recon Id

  • Situation

  • Source Object

  • Status

  • Target Object

  • Transaction Id

  • User Id

Yes

IDM Config

  • After

  • Before

  • Changed Fields

  • Event Time

  • Object Id

  • Operation

  • Revision

No

Entitlements

  • Creation Date

  • Display Name

  • Entitlement Data

  • Entitlement Description

  • Entitlement Id

  • Update Date

No

Assignments

  • Assignment Description

  • Assignment Mapping

  • Assignment Name

  • Assignment Type

  • Creation Date

  • Realm

  • Update Date

No

Groups

  • Group Condition

  • Group Description

  • Group Name

  • Object Id

No

Internal Roles

  • Creation Date

  • Internal Role Condition

  • Internal Role Description

  • Internal Role Name

  • Object Id

  • Update Date

No

Accounts

  • Account Date

  • Application Name

  • Creation Date

  • Display Name

  • Id

  • Update Date

  • UserId

No

Campaigns

  • Certification Type

  • Completion Date

  • Creation Date

  • Deadline

  • Event Based

  • Id

  • Name

  • Owner Given Name

  • Owner Email

  • Owner Last Name

  • Owner User Name

  • Start Date

  • Status

  • Template Id

  • Update Date

No

Policy

  • Creation Date

  • Description

  • Id

  • Name

  • Owner Email

  • Owner Given Name

  • Owner Id

  • Owner Last Name

  • Owner User Name

  • Status

  • Update Date

No

Policy Rules

  • Allow Exception

  • Allow Remediation

  • Correction Advice

  • Creation Date

  • Description

  • Detective

  • Documentation Url

  • Id

  • Max Exception Duration

  • Mitigation Control

  • Name

  • Owner Given Name

  • Owner Email

  • Owner Id

  • Owner Last Name

  • Owner User Name

  • Preventive

  • Risk Score

  • Role Definition

  • Status

  • Update Date

  • Violation Action

  • Violation Owner Email

  • Violation Owner Given Name

  • Violation Owner Id

  • Violation Owner Last Name

  • Violation Owner UserName

  • Workflow Id

No

Policy Scan

  • Completion Date

  • Creation Date

  • Id

  • Is Simulation

  • Scan Target

  • Start Date

  • Status

  • Total Rules

  • Total Violations

  • Update Date

No

Policy Violation

  • Creation Date

  • Description

  • Id

  • Name

  • Outcome

  • Policy Rule Id

  • Status

  • Type

  • Update Date

  • User Id

  • User Name

  • Work Flow Id

  • Start Date

No

Account Review Items (Not available as main datasource)

  • Account Display Name

  • Account Id

  • Account Type

  • Actors

  • Application Id

  • Application Name

  • Campaign Id

  • Completion Date

  • Confidence Score

  • Creation Date

  • Deadline

  • Decision

  • Decision By

  • Decision Comments

  • Decision Date

  • Entitlement Display Name

  • Entitlement Id

  • Id

  • Last Certified

  • Primary Reviewer Id

  • Primary Reviewer Type

  • Provisioning Method

  • Reviewers

  • Status

  • Update Date

  • User Given Name

  • User Name

No

Entitlement Review Items (Not available as main datasource)

  • Account Display Name

  • Account Id

  • Account Type

  • Actors

  • Campaign Id

  • Completion Date

  • Confidence Score

  • Creation Date

  • Deadline

  • Decision

  • Decision By

  • Decision Comments

  • Decision Date

  • Entitlement Display Name

  • Entitlement Id

  • Id

  • Last Certified

  • Primary Reviewer Id

  • Primary Reviewer Type

  • Provisioning Method

  • Reviewers

  • Status

  • Update Date

  • User Given Name

  • User Name

No

Role Membership Review Items (Not available as main datasource)

  • Actors

  • Campaign Id

  • Completion Date

  • Confidence Score

  • Creation Date

  • Deadline

  • Decision

  • Decision By

  • Decision Comments

  • Decision Date

  • Id

  • Last Certified

  • MembershipType

  • Primary Reviewer Id

  • Primary Reviewer Type

  • Reviewers

  • Role Id

  • Role Name

  • Status

  • Update Date

  • User Given Name

  • User Name

No
1. Identity Governance is an add-on capability to Advanced Identity Cloud. Contact your Ping Identity representative if you want to add PingOne® Identity Governance to your Advanced Identity Cloud subscription.