Documentation

Permissions

Suggest Edits

Overview

The Permissions screen in Entitle is where customers can map out users’ behaviors using the Permissions Graph. It provides a single unified view of users based on permissions granted to different application integrations.

The Permissions Graph allows Entitle’s customers to make sure their users have just enough access to different integrations and therefore allows them to identify overprivileged or unknown identities, unwanted permission chains, or toxic combinations of permissions.

If you would like to manage your organization’s permissions, please refer to Entitle's User Access Review Guide.

How to use the Permissions Graph

Log in and get to know the Permissions screen

  1. Log into Entitle and navigate to the Permissions screen.

Here, you will encounter three main sections:

  1. Filters menu

    • Users - The entities that can receive, hold, and be stripped of permissions.
    • Integration - A specific instance or integration with an application. It includes the configuration needed to connect Entitle including credentials and all the users’ permissions information.
    • Resource Type - varies depending on the integration chosen.
    • Resource - An entity within an Integration to which a user can gain access via permission, e.g. group of users.
    • Role - A level of access to which a User is entitled to a resource, e.g. Read, Admin.

  2. The Graph Key

    You can see the total number of Users, Accounts, Integrations, Resources, and Roles found according to the selected filters above.

    • Direct Access (purple) - The user has direct permission to the resource.
    • Indirect Access (green) - The selected roles are granted to the employees based on a different role granted to the employee.
    • Both (orange) - The user has direct and indirect permission to the resource.

  3. Permissions Graph functionalities

    • From left to right: Return to Center, Zoom Out, Zoom In.

Choose a preferred view to set up your Permissions Graph

There are two possible views through which you can see your Permissions Graph:

  1. Users (you can choose multiple users at once) - if chosen, it is not obligatory to fill in the rest of the filters, only in case you would like your Permissions Graph to be more specific.
  2. Integration (you can only choose one at a time). - if chosen, it is obligatory to fill in the rest of the filters.

Fill in the rest of the filters

  1. If you chose the Integration View option from the previous step or wish to create a more detailed Graph using the Users View, proceed to fill in the Resource Type, Resource, and Role filters.

  2. If you would like to reverse any of the choices you have made in your Permissions Graph, you can always click the arrow on the right side of the filter menus.

  3. The final Permissions Graph displays.

    Here is an example of a Permissions Graph with the Integration view:

Updated about 1 month ago