Skip to content

User Level Access Matrix

The following table shows the Identity Security Cloud pages and components that are accessible from each user level. Refer to User Level Permissions for more information about each level.

Note

Multiple user levels can be granted to a user; however, the following cannot be assigned at the same time:

  • Role Admin and Source Sub-Admin
  • Role-Sub Admin and Source Admin
  • Role-Sub Admin and Role Admin
  • Source-Sub Admin and Source Admin

The user's access is cumulative across all granted user levels.

  Admin Cert Admin Helpdesk Report Admin Role Admin Sub-Admin Source Admin Sub-Admin Cloud Gov Admin/User End User
Technical Name ORG_ADMIN CERT_ADMIN HELPDESK REPORT_ADMIN ROLE_ADMIN ROLE_SUBADMIN SOURCE_ADMIN SOURCE_SUBADMIN CLOUD_GOV_ADMIN
CLOUD_GOV_USER
 
    Details Details Details Details Details Details
Admin    
Dashboard        
Overview        
Access Intelligence Center 2     2        
Aggregation Activity        
Tasks      
Monitor        
Data Explore            
Identity Management          
Identities   3          
Accounts         4    
Access History            
Identity Profiles              
Outliers            
Governance Groups              
Activities              
Access          
Entitlements         1    
Access Profiles         1    
Roles       1      
Role Insights            
Segments              
Applications              
Connections              
Sources         1    
Virtual Appliances              
Integrations              
Multi-Host Sources              
  Admin Cert Admin Helpdesk Report
Admin
Role Admin
Sub-Admin
Source Admin
Sub-Admin
Cloud Gov Admin/User End User
Certifications          
Campaigns          
Campaign Filters            
Password Mgmt              
Policies              
Sync Groups              
Global      
Reports      
System Settings              
Additional Settings              
Security Settings              
Email Templates              
Event Triggers              
Workflows              
Search      
Saved Search Queries      
Certification Campaigns            
Policies              
Reports      
Role Discovery            
Dashboard Home
Passwords
Preferences
Request Center
Approvals
Task Manager
Certifications
CIEM            

1 Sub-admins can access these pages only if they are members of the governance group for the associated source. Sub-admins have the ability to search all organization data, not just data associated with their governance group.

2 Access Intelligence Center can be accessed by Admins and Report Admins who have been granted the Author or Reader user level.

3 Helpdesk Admins cannot revoke access items or manually set identity lifecycle states.

4 Source Admins can view all accounts. Sub-admins can only view accounts for sources associated with the governance groups they are members of.

Data Access Security User Levels

Refer to the following documentation for information about Data Access Security user levels.

Documentation Feedback