Skip to content

Interacting with Identity Graph

When you have an identity graph open, you can:

Interacting with the Access Objects

Interacting with the graph and its nodes involves manipulating the graph to explore the data with actions.

Use the icons at the bottom of the graph, right-click a blank space on the graph or node for a list of actions, or use the keybindings.

You can manipulate the graph using the following actions.

Action Description
Zoom in and out To zoom in or out of the graph, use the mouse wheel. Zooming into a graph allows you to view a specific area for a more thorough examination of the relationships, view details, and pinpoint data points.

To zoom in on the graph so all its nodes are visible on the screen, select Zoom to Fit.

To realign the graph to the center of the Identity Graph interface, select Center Graph.
Pan Drag the background of the graph to move it in any direction without changing its zoom level. After zooming in, pan to navigate and inspect specific areas to analyze the data more closely.
Drag The identity graph or individual nodes can be dragged to a new position on the graph.

Drag the identity graph
To drag a graph and view certain parts of the graph, especially if you have zoomed in on the graph, left-click anywhere on the graph, not a node, and move the mouse to reposition the entire graph.

Drag an individual node
Drag an individual node to visually rearrange, organize complex relationships, and create a more intuitive layout to enhance your interaction and exploration. Left-click and hold, then move the mouse to reposition the node on the graph.
Expand To expand a node and reveal its hidden connections, select the Plus in the node. Expanding nodes provides a better understanding of the relationships, allowing you to explore the graph more deeply.

To expand all nodes in all the layers that have a Plus, select Expand All Objects

To expand only the visible nodes that have a Plus, select the Expand Next Layer of Objects.
Collapse To collapse a node and hide its connections, select the Minus in the node. Collapsing nodes helps organize the graphs and simplify the visual display, allowing you to focus on other areas of the graph.

To hide all connections that have a Minus, select the Collapse All Objects.
Locking Nodes The locked node does not move when you manipulate the graph.

To lock a single node, right-click the node. A blue ring is present around the node when selected. Then select Lock node. A purple ring is present around the node when locked.
Unlocking Nodes The unlocked node moves when you move the graph. To unlock a node, select a node with a purple ring, right-click, and select Unlock node.

To unlock all locked nodes, select the Unlock All Nodes icon.

Using Keybindings

Select the Keybindings icon in the top right for a complete list of keyboard shortcuts to help you quickly navigate actions, commands, and functions.

Viewing Access Object Details

To view additional details about each node:

  • Node label - Hovering over an identity shows the labels of the identity and those of all its access items. Hovering over an access item highlights only its connections and their labels.

  • Access Object Details window - Displays information from the access object details available in Identity Security Cloud. To open, right-click an access object and select View Details. The available actions are dependent on the access object type.

    Select the dropdown arrow for each heading to view the details.

    Information relating to identities

    Section Description
    Details View additional information about an identity.
    Attributes Lists additional attributes linked to the identity.
    Events View a list of key identity events.
    Accounts View the machine accounts linked to the identity.

    Information relating to access items

    Section Description
    Details View information about the access object.
    Source View source and account attribute details.

Node Actions

When you right-click a node, the outer ring of the node highlights blue. Select from a list of actions. The available actions are dependent on the access object type.

Action Description
View Graph Select this option to open the identity graph for the selected node.

Opening another identity graph causes you to lose any updates to the open identity graph.

To save the identity graph:
- Create a snapshot.
- If you opened a saved snapshot, make sure to update your snapshot.
- If you've made updates to a shared snapshot and want to save the changes, create a new snapshot.
View Details Select this option to open the details panel and display attribute information. For more information, refer to Viewing Access Object Details.
Open in ISC Select this option to open the access object in Identity Security Cloud. This action opens Identity Security Cloud in a new tab, while keeping your Identity Graph browser tab open.
Add to Explorer List Select this option to add the access object to the Explorer for easy access. For more information, refer to Adding Access Objects to the Explorer.
Remove from Explorer list Select this option to remove the access object from the Explorer. If you remove a root node from the explorer, the graph also closes. For more information, refer to Removing Access Objects from the Explorer.
Lock Node Select this option to lock the position of the node to its current position on the graph. Locking the node prevents it from moving when you manipulate the graph.
Unlock Node Select this option to unlock the position of the node. Unlocking the node allows it to move when you move the graph.
Filter by this Node Select this option to display the selected access object and its relationships.

Filtering Data Presented on a Graph

Manipulate the data to display granular data combinations by leveraging the filters. When you select a filter, the identity graph updates and presents you with the data relating to your selected filter criteria.

  1. Select Filters to the left of the identity graph.
  2. Apply a filter using one of these methods:

    • Use the toggle to select a predefined filter.

      • Multiple Path Access - Only display the access connections that contain more than one path.
      • Privileged Access - Only display the nodes with a privilege indicator of high.
      • Recently Granted Access - Only display the access granted within the last 30 days.
      • Outliers - Rare Access - Only display the entitlements assigned to less than 1% of the organization. To display this line, your organization must utilize the Identity Outliers feature in Identity Security Cloud.
    • Build your own by adding one or more filter criteria. Select Apply Filter to apply and update the identity graph.

      • Type - Select the access object to filter on.
      • Attribute - Select the attribute to use in this filter.
      • Operator - Choose an operation to compare the attribute to the value you enter.
    • Toggle a filter and then apply filter criteria.

  3. The identity graph data is updated to match the filter criteria.

Note

Filter criteria are connected by AND operators, and return items that have all of your search terms in the access object.  

Adding Layers and Changing the Layout

You can apply multiple layers and change the layout of the graph to improve clarity and visualize the identity graph in a different aspect.

Adding Layers

Add layers to reveal additional information about the node.

  1. Select Layers to the left of the identity graph.
  2. Select one or more layers.

    • Labels - When you hover over a node, the metadata is displayed for the node and all its connections.
    • Context - Adds color and relationships to lines.
    • Names - The name of each node is visible on the graph.
  3. The layer is applied and visible on the graph.

A green dot marks added layers, while a grey dot indicates that the layer has not been applied.

Changing the Layout

By default, the identity graph is displayed in a dynamic layout, where the root node is centered on the graph. Other available layouts include top-down and left-right.

To change the layout of an identity graph:

  1. Select Layouts to the left of the identity graph.
  2. Select the layout choice to be applied to the graph.

    • Dynamic - Displays the root node centered on the graph.
    • Top-down - Positions the root node at the top and displays all other nodes below.
    • Left-right - Displays the root node to the left and all other nodes to the right.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.