Skip to content

Enabling Data Segmentation

Identity Security Cloud org admins can use the system features UI to enable or disable data segmentation for your implementation. This feature is disabled by default, meaning that users’ access to records is always global.

  1. Go to Admin > Global > System Settings.
  2. Select System Features from the left navigation.
  3. Select the Data Segmentation checkbox.
  4. Select Save.

When data segmentation is disabled, you are still able to use the UI and edit segments. However, even published and enabled segments do not affect user access unless the data segmentation feature is enabled in the system settings.

When data segmentation is enabled, it controls users' record level access. Any records that were previously restricted on a given source by a sub-administrator user level, such as role sub-admin and source sub-admin, are no longer restricted.

Caution

Some API keys will fail when Data Segmentation is enabled and you attempt to search for roles or entitlements. Refer to Creating an API Key.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.