Skip to content

Lifecycle Manager Reports

Lifecyle Manager Reports enable you to monitor and analyze information about Lifecycle Manager requests.

The following reports provide information that is specific to the functions of Lifecycle Manager:

  • Access Request Status Report

  • Account Requests Status Report

  • Identity Requests Status Report

  • Password Management Requests Report

  • Registration Requests Status Report

Note

An identity must have IdentityIQ administrative capabilities to use this option. For information about setting up administrative capabilities, contact your IdentityIQ administrator.

To access these report templates, navigate to Intelligence > Reports and select a report from the list.

Lifecycle Manager Reports have the following sections:

Note

All reports use a set of standard properties to handle basic information, such as naming and descriptions, and controls settings. Controls include items such as scope and required sign off. You must enter the name before you run a report.

  • Standard Properties – see Standard Properties (Link)

  • Parameters – see the individual report descriptions for their unique parameters.

  • Report Layout – see Report Layout (Link)

The report information in the detailed results format can be exported to a CSV file and used in spreadsheets.

Access Request Status Report

The Access Request Status report shows details about access requests (role and entitlement requests) submitted through Lifecycle Manager. The summary section displays a graph to illustrate the ratio of pending to completed requests included in the report. The detail section shows the access request ID, the requester, the target identity, the entitlement owner, and the date and type of request made, along with various details about the request including its current status.

Note

To report on access requests that were triggered by lifecycle events, such as Rapid Setup joiner, mover, or leaver events, or standard Lifecycle Events, use the Lifecycle Events Status Report.

Use the following criteria to determine the information to use in this report. You can use any combination of options to build a report. You can use the Shift and Crtl keys to select multiple items from lists.

Note

If you select no options from a list, all options in the list are included in the report.

Applications
Show only access requests pertaining to one of the selected applications.

Approvers
Include only access requests approved by, or submitted for approval to, the selected identity or identities.

Requesters
Include only access requests originally created by one of the selected identities.

Entitlements
Show only access requests that included a request for access to the selected application-attribute-entitlement combination(s).

Roles
Show only access requests that included a request for one or more of the selected roles.

Target Identities
Include only access requests made for one or more of the selected identities.

Status
Show only access requests currently in the specified state: Completed, Approved, Rejected, Pending, Cancelled.

Requested Date Range
Show only access requests made during the specified date range; date ranges can be open-ended in either direction (no start or no end date), as needed.

Finished Date Range
Show only access requests whose end date is during the specified date range; date ranges can be open-ended in either direction (no start or no end date), as needed.

Account Requests Status Report

The Account Requests Status report shows information about account requests submitted through Lifecycle Manager; this can include requests for new accounts or management of existing accounts (account deletion, disable/enable account, etc.). It shows the access request ID associated with each request, the requester, the target identity, the application name and owner, the account native identity (if the request is for an existing account), and the date and type of request made, along with various details about the request including its current status.

Use the following criteria to determine the information to use in this report. You can use any combination of options to build a report. If you do not select options from a list, all options in the list are included in the report. You can use the Shift and Crtl keys to select multiple items from lists.

Approvers
Include only account requests approved by, or submitted for approval to, the selected identity or identities. If no approvers are selected, all approvers are included.
Click the arrow to the right of the suggestion field to display a list of all approvers, or enter a few letters in the field to display a list of approvers that start with those letters.

Requestors
Include only account requests originally created by one of the selected identities. If no requestors are specified, all requestors are included.
Click the arrow to the right of the suggestion field to display a list of all requestors, or enter a few letters in the field to display a list of requestors that start with those letters.

Applications
Show only account requests pertaining to accounts on one of the selected applications. If no applications are specified, all applications are included.
Click the arrow to the right of the suggestion field to display a list of all applications, or enter a few letters in the field to display a list of applications that start with those letters.

Target Identities
Include only account requests made for one or more of the selected identities. If no target identity are specified, all target identities are included.
Click the arrow to the right of the suggestion field to display a list of all target identities, or enter a few letters in the field to display a list of target identities that start with those letters.

Request Start and End Date(s)
The account request date range. The report provides all requests created on or after the start date and on or before the end date. You can enter the date manually, or click the [...] icon to select a date from the calendar. Date ranges can be open-ended in either direction (no start or no end date), as needed.

Approval Start and End Date(s)
The account approval date range. The report provides all approvals created on or after the start date and on or before the end date.
You can enter the date manually, or click the [...] icon to select a date from the calendar. Date ranges can be open-ended in either direction (no start or no end date), as needed.

Status
Show only account requests currently in the specified state (completed, approved, rejected, pending, canceled). If none are specified, all status levels are included.

Identity Requests Status Report

The Identity Requests Status report shows details about identity requests submitted through Lifecycle Manager; this includes both Create Identity and Edit Identity actions. Requests to create a new identity are expanded into separate requests for each attribute value, so the report displays those each on separate lines. The identity creation action is also represented as its own record in the report. The same is true for edit requests which change more than one attribute: a separate request line item is generated for each attribute. Each line on the report shows the access request ID associated with the request, the requester, the target identity name, the approval owner (commonly the identity's manager), the date of the request, and the operation to be performed, along with various other details about the request including its current status.

Use the following criteria to determine what information to use in this report. You can use any combination of options to build a report. If you do not select any options from a list, all options in the list are included in the report. You can use the Shift and Crtl keys to select multiple items from lists.

Approvers
Select the approvers to include in the report. If no approvers are specified, all approvers are included.
Click the arrow to the right of the suggestion field to display a list of all approvers, or enter a few letters in the field to display a list of approvers that start with those letters.

Requestors
Select the requestors to include in the report. If no requestors are specified, all requestors are included.
Click the arrow to the right of the suggestion field to display a list of all requestors, or enter a few letters in the field to display a list of requestors that start with those letters.

Target Identity
Select the target identity to include in the report. If no target identity are specified, all target identities are included.
Click the arrow to the right of the suggestion field to display a list of all target identities, or enter a few letters in the field to display a list of target identities that start with those letters.

Status
Select the status to include in the report. If none are specified, all status levels are included.

Request Date Range
The identity creation request date range. The report provides all requests created on or after the start date and on or before the end date.
You can enter the date manually, or click the calendar icon to select a date from the calendar. Date ranges can be open-ended in either direction (no start or no end date), as needed.

Finished Date Range
The identity creation finished date range. The report provides all requests the finished on or after the start date and on or before the end date.
You can enter the date manually, or click the calendar icon to select a date from the calendar. Date ranges can be open-ended in either direction (no start or no end date), as needed.

Lifecycle Events Status Report

The Lifecycle Events Status Report report shows details about access requests that were triggered by lifecycle events, such as Rapid Setup joiner, mover, or leaver events, or standard Lifecycle events.

Report details can include the access request ID, the requester, the target identity, the entitlement owner, and the date and type of request made, along with various details about the request including its current status. What appears in the report details will depend on the columns you selected for inclusion in the Report Layout tab.

Use the following criteria to determine the information to use in this report. You can use any combination of options to build a report. You can use the Shift and Crtl keys to select multiple items from lists.

Note

If you select no options from a list, all options in the list are included in the report.

Applications
Show only access requests pertaining to one of the selected applications.

Approvers
Include only access requests approved by, or submitted for approval to, the selected identity or identities.

Requesters
Include only access requests originally created by one of the selected identities.

Entitlements
Show only access requests that included a request for access to the selected application-attribute-entitlement combination(s).

Roles
Show only access requests that included a request for one or more of the selected roles.

Target Identities
Include only access requests made for one or more of the selected identities.

Status
Show only access requests currently in the specified state: Completed, Approved, Rejected, Pending, Cancelled.

Requested Date Range
Show only access requests made during the specified date range; date ranges can be open-ended in either direction (no start or no end date), as needed.

Finished Date Range
Show only access requests whose end date is during the specified date range; date ranges can be open-ended in either direction (no start or no end date), as needed.

Password Management Requests Report

This report shows password change requests that meet the filter criteria selected. Passwords can be changed through the Change Password option in Lifecycle Manager, through the Forgot Password option (secondary authentication through security questions), and as a result of an expired password where the system forces the user to change their password. The reason for the change is included in the report, along with the requester, the target identity, the date of the request, the application and account native identity for which the password is being changed, and the completion date (along with any comments) for the request.

Use the following criteria to determine what information is used in this report. You can use any combination of options to build a report.

Note

If you do not select any options from a list, all options in the list are included in the report.

Applications
Select the applications to include in the report. If no applications are specified, all applications are included.
Click the arrow to the right of the suggestion field to display a list of all applications, or enter a few letters in the field to display a list of applications that start with those letters.

Requestors
Select the requestors to include in the report. If no requestors are specified, all requestors are included.
Click the arrow to the right of the suggestion field to display a list of all requestors, or enter a few letters in the field to display a list of requestors that start with those letters.

Roles
Type or use the dropdown list to select the roles to include in the report. If no roles are specified, all roles are included.

Target Identity
Select the target identity to include in the report. If no target identity are specified, all target identities are included.
Click the arrow to the right of the suggestion field to display a list of all target identities, or enter a few letters in the field to display a list of target identities that start with those letters.

Cause
Select the cause type to include in the report. If no cause types are specified, all types are included.
Choose from the following types:

  • Expired Password

  • Forgotten Password

  • Change Request

Status
Select the status to include in the report. If none are specified, all status levels are included.

Request Date Range
The edit identity request date range. The report provides all requests created on or after the start date and on or before the end date.
You can enter the date manually, or click the [...] icon to select a date from the calendar. Date ranges can be open-ended in either direction (no start or no end date), as needed.

Finished Date Range
The edit identity request completion date range. The report provides all requests that were completed on or after the start date and on or before the end date.
You can enter the date manually, or click the [...] icon to select a date from the calendar. Date ranges can be open-ended in either direction (no start or no end date), as needed.

Registration Requests Status Report

This report shows the status of self-service registration requests submitted to IdentityIQ, when that feature is enabled for the installation. It shows the username for the self-registering user along with the current status, the approving or rejecting identity, and any available comments.

The following criteria is used to determine what information is used in this report. You can use any combination of options to build a report. If you do not select any options from a list, all options in the list are included in the report.

Approvers
Select the approvers to include in the report. If no approvers are specified, all approvers are included.
Click the arrow to the right of the suggestion field to display a list of all approvers, or enter a few letters in the field to display a list of approvers that start with those letters.

Target Identities
Select the target identity to include in the report. If no target identity are specified, all target identities are included.
Click the arrow to the right of the suggestion field to display a list of all target identities, or enter a few letters in the field to display a list of target identities that start with those letters.

Request Date Range
The edit identity request date range. The report provides all requests created on or after the start date and on or before the end date.
You can enter the date manually, or click the [...] icon to select a date from the calendar. Date ranges can be open-ended in either direction (no start or no end date), as needed.

Finished Date Range
The edit identity request completion date range. The report provides all requests that were completed on or after the start date and on or before the end date.
You can enter the date manually, or click the [...] icon to select a date from the calendar. Date ranges can be open-ended in either direction (no start or no end date), as needed.

Status
Select the status to include in the report. If none are specified, all status levels are included.