PingOne Advanced Identity Cloud

User-access graph

Advanced Identity Cloud add-on capability

The user-access graph is an Identity Governance add-on capability. Contact your Ping Identity representative if you want to add PingOne Identity Governance to your Advanced Identity Cloud subscription.

The user-access graph provides a read-only view that lets you filter, zoom, and expand an identity or object nodes in the graph. You can select which types of access to view, such as roles, applications, or entitlements.

View user access

  1. In the Advanced Identity Cloud admin console, go to Identities > Manage.

  2. Search for and select a user.

  3. On the user’s Details tab, click View User Access.

    User access graph showing relationships between a user, roles, applications, and entitlements with filter controls.

  4. View the user-access graph.

    An example of the user-access graph that that displays the connections between a user’s access to roles, applications, and entitlements.

    You can filter the graph by access type, such as roles, applications, or entitlements. Use the left navigation pane to find uncertified or role-based access items. You can also filter for conditional or direct roles, applications, or specific entitlements.

    When you click a specific role, application, or entitlement on the graph, its details appear in the right pane. For example, clicking an account under Application displays its associated entitlements graphically and the account details in the right pane.

    The left pane of the user-access graph page displays access filters for certification status, conditional or direct roles, applications, and entitlements.