About the View One Person Page
- Phillip Hanegan
Each resource object that EmpowerID protects has a View One page associated with it. For people, this page is the “View One Person Page.” This page contains tabs and accordions that provide information about a specific person and gives administrators and other delegated users the ability to manage that person in EmpowerID. The below image shows what a typical View One Person Page looks like to a user with admin access to the person.
Tabs and Accordions on the View One Person Page
The View One Person Page contains a number of tabs and accordions that provide information about the specific person being viewed and access to workflows for managing that person.
The Manage tab allows users to view basic information about a person and manage that person as needed. The tab contains a number of components to include informational cards about the person, as well as various accordions that provide authorized users access to workflows for managing the person.
Components of the Manage tab include the following:
Component | Purpose |
|---|---|
Work Card | Displays basic work information for the person, such as their title, department, and manager. |
Contact Card | Displays basic contact information for the person, such as their telephone number and email address. |
General Card | Displays general information about the person, such as their EmpowerID Login and default home page. |
Advanced Card | Displays advanced information about the person, such as their Person ID and Password Manager Policy ID. |
Roles, Accounts, and Login Security Accordion | Displays the Business Roles, Management Roles, and users accounts associated with the person, as well as provides access to edit these as needed.
|
Access Assignments Accordion | Displays current RBAC assignments for the person as well as provides access to create new ones |
Group Membership Accordion | Displays current group memberships for the person as well as provides access to create new ones and remove current ones |
PBAC Attribute Assignments Accordion | Displays current PBAC attribute assignments for the person as well as provides access to create new ones |
Field Type Values for Assignee Accordion | Displays current field type values for the person |
Org Chart and Relationships Accordion | Displays current org chart information for the person, such as their manager, and provides access to edit and update those relationships |
Multifactor Authentication Accordion | Displays current MFA types assigned to the person and provides access to update those types as needed |
Shareable Resources (UMA) Accordion | Displays any shareable resources belonging to the person |
Actions Accordion | Provides access to various workflows for managing the person, such as Reset Password, Terminate Person, and Unenroll Person |
Additional Information Accordion | Provides access to additional information about the person, such as “Who Has Access to this Person”, etc. |
The Report tab provides an overview of information related to the person, such as all user accounts owned by the person’s Core Identity, the amount of access the person has in the system, policies linked to the person, and more. The tab contains a number of components to include informational cards about the person, as well as various subtabs and accordions that allow users to drill deeper into an aspect of information related to the user and manage that information as needed.
Components of the Report tab include the following:
Component | Purpose |
|---|---|
General Card | Displays general information about the person, such as whether the account is active |
Authentication Card | Displays authentication information about the person, such as whether second factor is required to log in |
Extension Attributes 1-10 Card | Displays extension attributes 1-10 for the person, if any |
Extension Attributes 11-20 Card | Displays extension attributes 11-20 for the person, if any |
Identities Tab | Displays the user accounts owned by the person, the personas linked to the same Core Identity, and all user accounts owned by the person’s Core Identity. |
Access Tab | Displays current access by category for the person |
Lifecycle Tab | Displays categorized lifecycle information about the person, such as the resources that have been provisioned or revoked by policy |
Azure Tab | Displays Azure-related information for the person, such as any functions the person may have in Azure
|
Risks Tab | Displays risk-related information for the person, such as any violations to current Risk policies |
Policies Tab | Displays policy-related information for the person, such as any inherited Provisioning policies |
Other Tab | Displays miscellaneous information about the person, such as resources for which the person is a responsible party |
The Optimize tab provides quick access to visual dashboards of information related to role and group memberships for the person, as well as allows users to view basic information about a person and manage that person as needed. The tab contains a number of components to include informational cards about the person, as well as various accordions that provide authorized users access to workflows for managing the person.
Components of the Optimize tab include the following:
Component | Purpose |
|---|---|
Membership Dashboard | Displays quick view of the number of Management Roles and groups the person belongs to |
Functional Access Card | Displays any local functions the person has, and the risk level associated with those functions |
Rights Usage Card | Displays any rights in the system used by the person |
Risk Violations Card | Displays violations of organizational risk policies for the person, if any |
Owned User Accounts Card | Displays user accounts owned by the person (whether joined to the person object via inventory of an external system or provisioned for the person via policy) |
RBAC Memberships and Accounts Owned Card | Displays role memberships granted via the RBAC engine and user account owned by the person |
Access Tab | Displays access the person currently has in the system via direct and indirect assignments (such as belonging to a role that grants access to a group, etc.) |
Azure Tab | Displays Azure-related information for the person, such as any functions the person may have in Azure |
Risks Tab | Displays risk-related information for the person |
The Activity History tab allows users to view information related to a person’s activity in your environment.
Components on this tab include the following:
Component | Purpose |
|---|---|
Login History Accordion | Displays information about the last 30 logins of the person. |
Map of Recent Logins Accordion | Displays on a map the location of the person when logging in |
Sessions Accordion | Displays information about any computer sessions initiated by the person via Privileged Session Management |
Computers and Devices Accordion | Displays information about the computers and devices used by the person |
Audit Log for Person and Owned Resources Accordion | Displays the last 46 records of actions performed against the person. |
Membership Changes | Displays group membership changes associated with the person. |
Account Attribute Changes Accordion | Displays information about attribute changes made to the person |