Skip to content

Identity Graph

SailPoint Identity Graph provides a unified view of relationships between identity data in an intuitive graph visualization. Identities, roles, access profiles, and entitlements can all be visualized in the graph, providing a comprehensive view of an identity's access. Allowing you to gain valuable insight into who has access to what, how they have gained that access, and if that access is appropriate.

Identity Graph helps you:

  • Visualize a compromised identity's blast radius and impact on downstream applications, resources, and data.

  • Understand the relationship between nested entitlements to build views of hierarchy and inheritance.

  • Build an understanding of aggregate risk across your access model through risk heatmaps.

  • Clearly grasp the exposure of highly sensitive access across the organization.

  • Leverage graph data to easily satisfy audit and compliance reporting requirements.

Integrated directly into Identity Security Cloud, Identity Graph enables you to take action to remediate identity hygiene and unnecessary or risky access.

User Levels and Permissions

To access Identity Graph, users must be an Org Admin or assigned the Identity Graph Admin level. For more information about these user levels and their permissions, refer to User Level Access Matrix and User Level Permissions.

Accessing Identity Graph

There are multiple methods to open the identity graph for an access object.

  • Select the Identity Graph icon available on an access object page in Identity Security Cloud.

  • Go to Home > Identity Graph to open the Identity Graph interface. The identity graph last viewed is displayed. From the Identity Graph interface, search for an access object.

  • Open a private or shared Identity Graph snapshot. Select Snapshots on the Identity Graph interface. In the Snapshots window, select the snapshot you want to interact with from Your Private Snapshots and All Shared Snapshots.

Note

  • When opening an identity graph for an access object from Identity Security Cloud, the Identity Graph interface opens in the same tab as the Identity Security Cloud window. When you close Identity Graph, you return to the last page viewed in Identity Security Cloud.

  • From the Identity Graph interface, opening an access object using the Open in ISC action opens a new tab to display Identity Security Cloud. Your Identity Graph browser tab stays open.

Closing Identity Graph

When you have finished working in Identity Graph, select the Exit in the top right.

  • If you entered Identity Graph from an access object, using the Identity Graph icon , you are returned to the last page viewed in Identity Security Cloud.
  • If you navigated directly to Identity Graph from the Identity Security Cloud Home tab, you are returned to the home dashboard.

For access objects opened via the Open in ISC action, close the Identity Security Cloud browser tab. On the Identity Graph browser tab, select the Exit in the top right.

Note

Identity Graph stores the last graph viewed. When you reopen Identity Graph, using Home > Identity Graph,  the last identity graph is opened. Entering Identity Graph from a specific access object opens the graph for that access object.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.