User Level Access Matrix
The following table shows the IdentityNow pages and components that are accessible from each user level. Refer to User Level Permissions for more information.
Note
Multiple user levels can be granted to a user. The user's access is cumulative across all granted user levels.
User Level Matrix
| Admin | Cert Admin |
Helpdesk | Report Admin |
Role Admin/ Sub‑admin* |
Source Admin/ Sub‑admin* |
Cloud Gov Admin/ Cloud Gov User |
End User |
|
| Technical Name | ORG_ADMIN | CERT_ADMIN | HELPDESK | REPORT_ADMIN | ROLE_ADMIN ROLE_SUBADMIN | SOURCE_ADMIN SOURCE_SUBADMIN | CLOUD_GOV_ADMIN CLOUD_GOV_USER | |
| Details | Details | Details | Details | Details | Details | |||
| Admin | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Dashboard | ✓ | ✓ | ✓ | ✓ |
| Overview | ✓ | ✓ | ✓ | ✓ | ||||
| System Activity | ✓ | ✓ | ✓ | ✓ | ||||
| Tasks | ✓ | ✓ | ✓ | ✓ | ||||
| Monitor | ✓ | ✓ | ✓ | ✓ | ||||
| Data Explore | ✓ | ✓ | ||||||
| Identities | ✓ | ✓ | ✓ | |||||
| Identity List | ✓ | ✓ ** | ||||||
| Access History | ✓ | ✓ | ||||||
| Identity Profiles | ✓ | |||||||
| Outliers | ✓ | ✓ | ||||||
| Governance Groups | ✓ | |||||||
| Activities | ✓ | |||||||
| Access | ✓ | ✓ | ✓ | |||||
| Access Profiles | ✓ | ✓ * | ||||||
| Roles | ✓ | ✓ * | ||||||
| Role Insights | ✓ | ✓ | ||||||
| Segments | ✓ | |||||||
| Applications | ✓ | |||||||
| Connections | ✓ | |||||||
| Sources | ✓ | ✓ * | ||||||
| Virtual Appliances | ✓ | |||||||
| Integrations | ✓ | |||||||
| Certifications | ✓ | ✓ | ✓ | |||||
| Campaigns | ✓ | ✓ | ✓ | |||||
| Campaign Filters | ✓ | ✓ | ||||||
| Reassign Certifications | ✓ | ✓ | ||||||
| Admin | Cert Admin |
Helpdesk | Report Admin |
Role Admin/ Sub‑admin* |
Source Admin/ Sub‑admin* |
Cloud Gov Admin/ Cloud Gov User |
End User |
|
| Password Mgmt | ✓ | |||||||
| Policies | ✓ | |||||||
| Sync Groups | ✓ | |||||||
| Global | ✓ | ✓ | ✓ | ✓ | ✓ | |||
| Reports | ✓ | ✓ | ✓ | ✓ | ✓ | |||
| System Settings | ✓ | |||||||
| Additional Settings | ✓ | |||||||
| Security Settings | ✓ | |||||||
| Email Templates | ✓ | |||||||
| Event Triggers | ✓ | |||||||
| Workflows | ✓ | |||||||
| Search | ✓ | ✓ | ✓ | ✓ | ✓ | |||
| Saved Search Queries | ✓ | ✓ | ✓ | ✓ | ✓ | |||
| Certification Campaigns | ✓ | ✓ | ||||||
| Policies | ✓ | |||||||
| Reports | ✓ | ✓ | ✓ | ✓ | ✓ | |||
| Role Discovery | ✓ | ✓ | ||||||
| Dashboard Home | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Passwords | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Preferences | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Request Center | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Approvals | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Task Manager | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Certifications | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
* Sub-admins can access these pages only if they are members of the governance group for the associated source. Sub-admins have the ability to search all organization data, not just data associated with their governance group.
** Helpdesk Admins cannot manually set identity lifecycle states.