ConductorOne Docs


Definitions for terms used in ConductorOne and its documentation.

  • Access Reviews: Enable organizations to efficiently control and manage users’ access to critical applications and role assignments. Access Reviews allow an ADMIN of ConductorOne to assign a task to designated employees (reviewers). A reviewer can then Approve or Deny the request for Access.

  • Account Type: User or Service Account.

  • Applications: A datasource ConductorOne connects to execute Access Reviews as a way to mitigate risk and control permissions for your organization.

  • App Profiles: Used to provision groups of entitlements (membership of groups, application assignments, etc.) to a user.

  • Directory: The application you use to manage access requests and reviews against your users, groups, and applications. Most likely managed through an Identity Provider (IdP) such as Google Workspace or Okta.

  • Entitlements: Allow organizations to map individuals/accounts to a certain permission level or group. They also describe actions an individual can take against the items they have access to.

  • Identity: The set of values or attributes that determine an entity.

  • My work: The certification, approval, and revocation tasks an employee is assigned to review and complete.

  • Policies: Reusable workflows that govern how access is granted, revoked, or certified. When an access request is created, ConductorOne will identify the right workflow and execute it in the context of the request.

  • User: Directly pulled from your cloud directory. These accounts can authenticate to the ConductorOne platform for Access Reviews.