Skip to content

Discovering Common Access

Access Modeling helps administrators discover and manage access that is common across an organization and not tied to a specific job function. Bundling common, or birthright, access into roles that can be assigned to large groups of employees improves your access model by enabling:

  • Faster and more efficient onboarding
  • Fewer access requests and certifications of non-risky items
  • More relevant insights and suggestions from Role Discovery and Access Request Recommendations

Important

The entitlements included in common access roles are excluded from future Role Discovery and Access Request Recommendations processes.

New common access roles can be discovered in the following ways:

Confirm Discovered Common Access Roles After Signing In

  1. Sign in to Identity Security Cloud. When SailPoint has discovered common access roles, admins receive a notification.

  2. In the notification, select Confirm common access to see the discovered common access roles.

  3. Deselect the Common Access checkbox for any roles you do not want to designate as common access.

  4. Select Confirm. SailPoint will check to see if there are any more common access roles and display them.

Discover Common Access Roles During Role Discovery

You can select the Discover Common Access Roles option when you discover roles starting from either Role Insights or Search.

Manually Designate an Existing Role as Common Access

You can designate an existing role as common access on the role page (Admin > Access Model > Roles > <role name>) by selecting the Common Access checkbox.

You can also designate an existing role as common access using the IAI Common Access API.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.