Take a tour of Certifications

Version 16

    When you're completing a certification, you can review a variety of information from the User Certification Screen so that you can approve or revoke the access of the identities you're reviewing.


    This page includes a list of items that the user has access to. You can approve or revoke their access to each of these items.


    NOTE: Entitlements are grouped by the source they come from. Within each group, entitlements marked as privileged come first. After that, entitlements are ordered alphabetically.


    certifications tour.png


    1.pngClick All Users to go back to the User Certification list.
    2.pngUse < and > to page through the people you need to certify.
    3.pngThe IdentityNow display name of the person you're certifying.
    4.pngCancel reverts any changes you have made and Save Decisions saves your changes.
    5.pngIn the Access Profiles section, you'll see any access profiles that your user has that need to be certified. Access profiles are bundles of entitlements that sometimes grant access to apps.
    6.pngDecisions Left indicates the number of items remaining in that section that still need to be approved or revoked.
    7.pngClick the Actions icon and select an action to perform on selected access items.
    8.pngIn the Applications column of the Access Profiles section, you can see any apps that the user can access as a result of the access profile you're certifying. Click the number to see a list of the apps tied to any access profile.
    9.pngThe Entitlements column displays the number of entitlements in the access profile. Click the number to see a list of the entitlements.
    10.pngIn the Decision column, click Approve or Revoke for each item the user can access. Be sure to make a decision for each item in both the Access Profiles and Entitlements sections.
    11.pngDescription displays the description your administrator has added to an access item. Account displays the unique account identifier for the user's account on the sources associated with the access profile.

    Any exceptions for an access item appear below the Description and Account. Exceptions might include:

    • If the user was granted this access item since the last certification campaign, it is marked as New Access.
    • If an access item is sensitive, it is marked as Privileged.
      • The first time you run a certification campaign for your users, all access items are marked as New Access.
      • At this time, access profiles can't be marked as privileged.
    13.pngIn the Entitlements section, you can see any entitlements the user has that are not part of access profiles.
    14.pngClick View to determine how much detail you can see about an entitlement. Options are Descriptions or Descriptions and Entitlements.


    For more information, see: