Documentation

Entitlements | Insights

Suggest Edits

What is the Entitlements page?

Entitlements grant an account a higher level of access or privileged permissions. The Entitlements page displays your detections and identities by recommended solutions to potential risks.

Privilege is broken down into Highest, High, Moderate, Low, None, and Undetermined, based on each entitlement's administration and access capabilities.

How is it useful?

The Entitlements page allows you to review the key entitlements associated with your organization, and evaluate whether to remove or replace them with lower privileges. It allows you to view which accounts have access to your organization's key entitlements.

Evaluating entitlements detected by Insights can identify concerns like dormant account access, over-permissioned accounts, and the environments and sources to which they are provisioned.

Use the page to discover how many accounts have access to high-level administrative privileges, and view which entitlements grant access to connected applications or permissions.

The Entitlements page

Entitlements display in order of privileged access and associated accounts by default. View entitlements by provider, type, amount of privileged access, and more.

Click on any entitlement summary to display a detailed list of the accounts privileged with the selected entitlement, including the source system, account name, and provider. Columns can be shown or hidden using checkboxes by clicking the Columns button.

  1. Navigation menu: Access BeyondTrust apps and their menus, and Pathfinder administration pages if you are assigned as an administrator.
  2. Header: Select a site or Administration from the menu, manage your profile, and change the display theme.
  3. Controls: Select a filter to refine your results. Click Reset Filters to remove all filters from your results.
Controls list

  • Name: The name of the entitlement. Enter text to search, optionally, select a filter.

  • Privilege: The level of the entitlement: Highest, High, Moderate, None.

  • Type: The type of entitlement. Select a type from the list to filter the records.

  • Provider: The name of the connector. Select a name from the list to filter for that provider.

  • Location: The location of the provider.

  • Scope: Entitlements associated with environments, groups, and more. Enter text to search , optionally, select a filter.

  1. Bookmark, Filter, and Export settings: Add bookmarks to save a view, create a filter, and export the current view to a PDF file.
  2. Entitlements list columns:
Column names

  • Name: The name of the entitlement.

  • Privilege: The level of the entitlement: Highest, High, Moderate, Low, None, and Undetermined

  • Category: The type of entitlement. Examples include: API permission, Group member, RBAC role, role.

  • Provider:The name of the connector.

  • Location: The location of the provider.

  • Scope: Entitlements associated with environments, groups, and more.

  • Accounts: The number of accounts assigned the entitlement.

Detect entitlement-related risks

The Entitlements page can highlight unnecessary, unusual, or unused levels of privileged access.

  • Sort your entitlements by Privilege to display the highest level of privileged permissions.
  • Organize entitlements by Source and Provider to show only detections associated with the selected system, or filtered by Scope to show entitlements associated with environments, groups, and more.
  • Filter the Type column by Role, Permission, App (such as associated Identity Providers), and Group.

Updated 22 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.