The ‘My Ownership’ tile is a new destination on the MySailPoint Home page for users assigned as owners. It includes: machine accounts, applications, and any AI agents they own. It also allows owners to update the attributes, transfer ownership, without full administrator access, and run supported lifecycle actions.
Today, only administrators can view and take actions on machine accounts or AI agents. Regular users designated as owners cannot see, manage, or interact with what they own. Ownership stays largely symbolic, which limits the value of assigning owners for accountability and lifecycle management.
Solution
My Ownership gives designated owners a single place to see what they own and take allowed lifecycle actions on machine accounts, applications, and AI agents, including transfer of ownership. For applications and AI agents, both primary and secondary owners can act on their objects. Administrators are also getting an enhanced filtering option, ‘no owner’, to help determine which machine accounts or AI Agents are missing owners.
New Capabilities
My Ownership page for Machine accounts, AI agents, and Application identities.
Non-admin owners can not only see objects they own but also updateattributes (updating correlation, account subtype, environment description), including transferring ownership to a different person:
Admin users will get the ability to perform all lifecycle actions, such as enabling/disabling, deleting, aggregating accounts, deleting AI Agents, and Application identities:
Add My Ownership tile to the Dashboard by navigating to the Home page → select MySailPoint → click on the Pencil button to edit the current dashboard → select Available Tiles → search for My Ownership tile → click Add button → click View.
Nice feature. I also noticed another tile called “My Machine Accounts,” which only displays machine accounts rather than the machine accounts & identities assigned to me. Based on this, it appears to be different from “My Ownership,” since the latter offers significantly more options.
Since the name ‘My Ownerships’ is object type agnostic, it would seem that ownership of roles, sources, governance groups, and many many others would also be visible here. At least that is what I would expect as end user and as admin.
Is adding all those object types in the plan for the near future (2026)?
If not, could you please rename this overpromising name to avoid confusion or let downs?
If they would be included soon, for those and these objects I wonder:
Will SailPoint decide for the customers that owners can give away ownership to other identities, or is it possible for each customer to let their admins decide on whether authorisation is given to owners of objects to transfer ownership to anyone they want?
After all introducing this capability to owners will introduce new risks. Can we prevent a US-based owner from transferring an object to a UK-based identity, or to an inactive identity? Or can we prevent them from transferring the object at all, since we have a security governance team authorised for this instead?
You’re right that ‘My Ownership’ is a broad name, and that is intentional. It reflects our long-term vision for a central ownership hub, and for that strategic reason, it will remain.
Our system already prevents transfers to inactive identities by default, and the upcoming ‘Identity Segmentation’ feature will solve the concern of transferring ownership from a USA-based identity to a UK-based identity.
I strongly encourage you to submit your feedback as an idea in our Aha portal. This is the most effective way for our product team to assess the demand for making ownership transfers configurable and for prioritizing the addition of new object types to the ‘My Ownership’ tile in the future.
Is there any opportunity to limit the attributes available in the update account options? Does updating ownership propagate to the source? This may be confusing for our audience with the default attributes and/or if transfer of ownership doesn’t flow to the source.
