Identity Search Criteria
The search criteria text fields support partial text strings using a starts-with protocol. For example, if you input "ro" in the Last Name field, the search results include Thomas Rowen and Betty Roberts.
If you want to use a "contains" type of search, so that using "ro" in the Last Name field would include "Brown" as well as "Rowen" and "Roberts," use the Advanced Search option and choose "Is Like" for the search operator. See Using Advanced Search Options.
Your search criteria is used to narrow the search results. If you do not type information in a search criteria field, all possible choices are included. For example, if you do not select an application from the Applications list, all applications are included.
Note: If the Load Saved Search panel displays, the search criteria for that search is loaded on the page. To create a new search click Clear Search.
The search fields are inclusive or "AND" type searches. Only actions matching values specified in all fields are included in the search results. For example, if you search by First Name John and Last Name Doe, the search results include only users with the character string John in their first name and Doe in their last name.
Use the Fields to Display panel on the right to select the identity and risk fields to display on the search results page.
Specify the search criteria and columns to display and click Run Search to display the search results. From the search results page, you can review the results of your search and save the search. See Search Results.
The Identity Search page has the following information:
Criteria |
Description |
Identity Attributes
You can use full or partial strings in the text fields. Simple text searches use starts with logic; for example, "ro" in the Last Name field returns Roberts and Rowen. To search for results that contain the text string in the field, use the Advanced Search option and choose is like as the Search Type. |
|
Searchable Attributes
|
|
Last Name |
Last name criteria to use in the query. |
First Name |
First name criteria to use in the query. |
User Name |
User name criteria to use in the query. |
Display Name |
The identity name in IdentityIQ. |
|
Email address criteria to use in the query. |
Manager |
Manager criteria to use in the query. |
Is Inactive |
Select True to include identities currently marked inactive or False to include identities that are currently active in the search results. |
Is Manager |
Select True to include identities that are marked as manager or False to include identities that are not marked as manager in the search results. |
Type |
Employee type: |
Software Version |
Only applicable to RPA / Bots
|
Administrator |
Only applicable to RPA / Bots
|
Applications |
Select the applications to include in the search. If no applications are specified, all applications are included. |
Detected Roles |
Select the detected roles to include in the search. If no roles are specified, all roles are included. |
Instance |
The attribute that uniquely identifies a specific subdivision of an application. |
Assigned Roles |
Select the assigned roles to include in the search. If no roles are specified, all roles are included. |
Workgroup |
Select the workgroups to include in the search. If no workgroups are specified, all workgroups are included. |
Include Assigned Role Hierarchy |
Select to include roles that are inherited from the assigned roles you selected for your search. |
Criteria |
Description |
Entitlement Filters |
|
Entitlement Metadata
|
|
Certification |
Has uncertified entitlements – use the dropdown list and select True or False to specify search results that include identities that have uncertified entitlements. |
Request |
Has entitlements that were not requested – use the dropdown list and select True or False to specify search results include identities with entitlements that were not requested. |
Other |
Aggregation Status – specify if the search must include identities whose entitlements are associated with applications that are Connected or Disconnected for aggregation. |
Criteria |
Description |
Multi-Valued Attributes: By default, IdentityIQ does not come preconfigured with any multi-valued attributes. Multi-valued attributes are created during deployment and configuration. |
|
Certification Score |
The sum of compensated risk scores associated with certifications. |
Risk scores and compensating factors are defined when IdentityIQ is configured.
Criteria |
Description |
Composite Score |
The total composite risk score for the identity. |
Role Score |
The sum of the compensated risk scores of each role assigned to this identity. |
Role Score (Base) |
The sum of role base risk scores. |
Entitlement Score |
The sum of the compensated risk scores of each entitlement assigned to this identity. |
Entitlement Score (Base) |
The sum of entitlement base risk scores. |
Policy Score |
The sum of compensated risk scores associated with policy violations as defined when IdentityIQ was configured. |
Certification Score |
The sum of compensated risk scores associated with certifications. |