Enabling Data Segmentation

Identity Security Cloud org admins can use the feature settings UI to enable or disable data segmentation for your implementation. This feature is disabled by default, meaning that users’ access to records is always global.

1. Go to Admin > Global > System Settings.
2. Select Feature Settings from the left navigation.
3. Under Feature Settings, select Other Features.
4. Select Enable Data Segmentation to enable it.
5. Select Save.

When data segmentation is disabled, you are still able to use the UI and edit segments. However, even published and enabled segments do not affect user access unless the data segmentation feature is enabled in the system settings.

When data segmentation is enabled, it controls users' record level access. Any records that were previously restricted on a given source by a sub-administrator user level, such as role sub-admin and source sub-admin, are no longer restricted.

Caution

Some API keys will fail when Data Segmentation is enabled and you attempt to search for roles or entitlements. Refer to Creating an API Key.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.