On the Access explorer page you’ll find queries to help you explore and understand your organization’s access data so you can mitigate potential security risks. The results of select queries are also summarized on the Security tab of the dashboard.
Here are the available queries, the data each query presents, which queries are also shown on the security dashboard, and how you can filter each query to zoom in on the information most relevant to you.
|What the query shows
|All accounts for all applications.
|Accounts without an account owner
|All accounts for all applications with no account owner set.
|Accounts granted at least one entitlement designated high risk.
|Accounts that have not been logged into within the timeframe you select.
|By app (required)
|All accounts for all applications with either no account owner or a deactivated user set as the account owner.
|Apps with a deactivated owner
|Applications with a designated application owner whose account is deactivated.
|Apps with one owner
|Applications that have a single designated application owner.
|Entitlements with a deactivated owner
|Entitlements with a designated entitlement owner whose account is deactivated.
|Entitlements with one owner
|Entitlements that have a single designated entitlement owner.
|All resources for all applications.
By resource type
By risk level
|Resources with a deactivated owner
|Resources with a designated resource owner whose account is deactivated.
|High-risk role grants (permanent)
|All users granted a role designated high risk without a time limit on the grant.
|High-risk role grants (temporary)
|All users granted a role designated high risk with a time limit on the grant.
|Users with access grants that have no time limit.
|Users without a manager
|Users with no manager user attribute set.