Access Review Report/ App Insight
Overviewβ
In this article, you can learn what data is available in the App Insights from the system generated access review report. You can read more details explaining each report category. You also have the option to download the report from different data category pages. You can create a custom query to access some of the data more efficiently. There is a Rule Builder to customize your results. Alternatively, you can write Odata to run a query by choosing Advanced Odata.
What Is the Access Review Reportβ
Access review reports are an essential component of Identity and Access Management (IAM) software. In Apporetum, we offer access review report of Entra ID (formerly Azure Active Directory) directory. The system will generate the report and you can find the generation date at the top of the page.
The purpose of these reports is to ensure that users have access only to the resources they need to perform their job responsibilities and that access is granted in a timely and appropriate manner. The access review report is a critical tool for organizations to maintain the security and integrity of their systems and data, ensure compliance with regulations, and minimize the risk of data breaches and other security incidents.
If you would like some other data categories that we don't offer at this stage, we recommend you contact us to discuss further.
Navigate to Access Review Reportβ
- Click Apps main menu option
- Search/find then click the app
- Select Insights tab on the app page to view all the available data
- Click View under each category to access more detailed user account information
- Alternative way
if you choose Info tab, you can choose View Report to access those insight data too.
Available Dataβ
-
All Accounts: standard users have a role in this app on Apporetum, excluding app managers or console users
-
Dormant Accounts: user accounts haven't been logged in in your organizations in the last 90 days but remain enabled
-
External Accounts: accounts are outside your organization but meet the eligibility of this app setting to be assigned to a role in Apporetum
-
Orphaned Accounts: accounts are not associated with an identity in the HR system or can't link back to the HR system either
-
Incomplete Information: accounts that are created and went through all the HR processes but haven't been logged in the directory yet
-
External Pending Accounts: accounts are guest accounts, which are outside this organization that are pending acceptance of their invitation
-
Accounts by Password Last Reset: accounts that reset their password
-
Memberships by Role: the number of memberships sorted by their role in this Apporetum app
-
Accounts SignIn Activity: accounts by last signIn date/period
-
Account Status: accounts that are either enabled or disabled.
Disabled accounts mean those accounts are disabled in the systems and can't be logged in. However, those accounts are still in the directory and haven't been removed from it.
Custom Queriesβ
- Go to Access review report page
- Click Try Custom Query
- Choose the rule builder create a query
Rule Builder would give you enough options to run queries. However, if you prefer more customized and advanced queries and are comfortable with Odata, Advanced Odata would be a more powerful tool for you to use. If you need help with Advanced Odata, please contact Apporetum tech support.
Using Rule Builder to Set up a Queryβ
- Click + Rule
- Choose a property/option
- Choose which operator to define this rule
- Choose a value
- Click Run Query if you just want to create a single rule
- Click Download to get a report copy that can be saved on your local device
- Click + Group if you want to set up combined rules
- Choose from AND, OR operators
- Repeat the steps of + Rule
- AND will be done prior OR
- A Group will group the rules together and will sort within itself
For example, rule A and Group B or rule C, the result will be ((A and (B)) or C)
