Identity Details report¶
How to view or generate this report
Go to Reports > Identities > Identity Details.
The Identity Details report (also called Identity Privileges (Current) in the report's own header) lists every application an identity has access to, and within each application, every privilege the identity holds — together with the privilege's risk rating. The data reflects the most recent import for each application.
Although the menu entry implies a per-identity export, the report is flexible: when you generate it for a specific identity it produces a one-person report; when generated from the broader identities list with no identity selected, it produces a multi-identity document with one section per identity.
When to use this report¶
- Identity audit pack. When an examiner asks "What does this person currently have access to, across the whole environment?", this report is the answer.
- Pre-termination review. Before disabling an identity, run this report to capture a full snapshot of their access for the audit trail.
- Role-change verification. After a role transition completes, run this report to confirm the post-change access matches expectations.
- Risk-focused filtering. Use the Importance Ratings filter to narrow the report to only Critical or High-risk privileges — a fast way to surface where someone holds elevated access.
Output formats¶
| Format | Notes |
|---|---|
| Excel | A multi-section spreadsheet with one section per identity. |
| A printable, per-identity document with the same content. |
Filters¶
| Option | Effect |
|---|---|
| Search Term | Narrows the report to identities whose username, first name, last name, title, or supervisor name contains the term. |
| Application | Restricts the privileges shown to a single application. |
| Identity | When the report is generated for a specific identity, only that identity is included. |
| Importance Ratings | Restricts the privileges shown to selected risk-rating tiers (None, Low, Moderate, High, Critical). |
A header at the top of the export shows the active filter values.
Sections (per identity)¶
Identity header¶
| Field | Description |
|---|---|
| Name | The identity's short display name. |
| Title | The identity's job title, if known. |
| Supervisor | The supervisor's name reported by the directory source, if known. |
| Enrollments | The names of the access models the identity is enrolled in, comma-separated. Blank when the identity has no enrollments. |
Privileges table (one row per privilege)¶
| Column | Description |
|---|---|
| Application | The application name. |
| As Of Date | The date the application's data was last imported. |
| Privilege | The privilege path's top-level header. Multi-level paths span this column and the two following label-less columns. |
| (Role) | The role portion of the privilege path. |
| (Privilege) | The leaf privilege portion of the path. |
| Access | Y if the identity has the privilege, N if explicitly denied, blank if unspecified. |
| Risk Rating | The privilege's risk rating: None, Low, Moderate, High, or Critical. Blank if no rating is set. |
When an identity has multiple application user accounts in the same application, each account gets its own privilege section within that application.
Sample¶
