How to identify the gaps where users have entitlements that were not granted through roles

jrossicare · August 25, 2025, 11:41pm

Hi

This is a question on RBAC maturity. Do you all assign access (entitlements) only through roles? or is some granted elsewhere?

I am wondering how to identify the gaps in ISC, where users have entitlements that were not granted through roles.

If you do a certification campaign on Roles, you will miss these extra entitlements that a user may have.

Also, how would you review these extra entitlements? is there a way to identify them?

Thank you!

amankumargupta · August 26, 2025, 4:58am

I have seen in the APIs response if the entitlement is granted out of role it will have standalone flag as true

system · October 25, 2025, 4:59am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certification of Entitlements that are part of a Role ISC Discussion and Questions identity-security-cloud	5	960	July 19, 2023
IdentityAI - Potential roles ISC Discussion and Questions	4	1039	July 19, 2023
Access outside role ISC Discussion and Questions apis , identity-security-cloud	3	445	August 18, 2023
Campaign for entitlement assignments without role/access profiles ISC Discussion and Questions roles , search , access-profiles , entitlements	1	556	July 19, 2023
RBAC Certification Campaign ISC Discussion and Questions identity-security-cloud	5	68	October 26, 2024