Skip to content

User Level Access Matrix

User levels are sets of permissions within IdentityNow that administrators can grant to users. The following table shows the IdentityNow pages and components that are accessible from each user level. For information on how to grant and remove user levels, read Granting and Removing User Level Permissions.

IdentityNow and AI Services

  Admin Cert
Admin
Helpdesk Report
Admin
Role Admin/
Sub‑admin*
Source Admin/
Sub‑admin*
End
User
Technical Name ORG_ADMIN CERT_ADMIN HELPDESK REPORT_ADMIN ROLE_ADMIN ROLE_SUBADMIN SOURCE_ADMIN SOURCE_SUBADMIN  
    Details Details Details Details Details  
Admin  
Dashboard      
Overview      
System Activity      
Tasks      
Monitor      
Data Explore          
Identities        
Identity List          
Access History          
Identity Profiles            
Governance Groups            
Activities            
Access        
Access Profiles         ✓ *  
Roles       ✓ *    
Role Insights          
Segments            
Applications            
Connections            
Sources         ✓ *  
Virtual Appliances            
Integrations            
Certifications        
Campaigns        
Campaign Filters          
Reassign Certifications          
  Admin Cert
Admin
Helpdesk Report
Admin
Role Admin/
Sub‑admin*
Source Admin/
Sub‑admin*
End
User
Password Mgmt            
Policies            
Sync Groups            
Global    
Reports    
System Settings            
Additional Settings            
Security Settings            
Email Templates            
Event Triggers            
Workflows            
Search    
Saved Search Queries    
Certification Campaigns          
Policies            
Reports    
Role Discovery          
Dashboard Home
Passwords
Preferences
Request Center
Approvals
Task Manager
Certifications

* Sub-admins can access these pages only if they are members of the governance group for the associated source. Sub-admins have the ability to search all organization data, not just data associated with their governance group.

Cloud Governance Services

SailPoint Cloud Governance Services also include user levels to customize access.

Cloud Access Management

IdentityNow Admins can access Cloud Access Management if your organization has purchased and enabled it. IdentityNow Admins can also give other users access to Cloud Access Management by granting them the following user levels:

  • Cloud Gov Admin (CLOUD_GOV_ADMIN)
  • Cloud Gov User (CLOUD_GOV_USER)

SaaS Management

If your organization has purchased and enabled SailPoint SaaS Management, you can invite dashboard users to the application and assign them the Admin or Reader user level within SaaS Management.