Report for Deleted Access Items and Users Who Previously Had Them

sxxnex · November 25, 2025, 10:40am

Hi everyone,

I would like to check if the following is possible in Identity Security Cloud.

I’m trying to generate a combined report/list that shows deleted Roles or deleted Entitlements together with the list of Identities who previously had access to those items.

Current situation:
It seems that I can verify this only on a per-user basis using Access History, but this doesn’t give me a consolidated view.

Goal:
I want to know if there is any way to produce a single report or unified list that displays:

Deleted Roles / deleted Entitlements
And the Identities who had those accesses before deletion

If anyone has done something similar or knows whether this is supported (via Search, Reports, Access History API, etc.), your guidance would be greatly appreciated.

Thank you!

HussainshaSyed001 · November 25, 2025, 11:18am

use API /access-request-status and look response have REVOKE_ACCESS and from that you can pull accordingly

sxxnex · November 26, 2025, 12:57am

This isn’t a case where a user’s access was revoked — the Role or Entitlement itself was deleted. What I’m referring to is the list of users who had those permissions before they were deleted.

schattopadhy · November 26, 2025, 6:29am

@sxxnex you can check events with delete role passed as shown below

suresh4iam · November 26, 2025, 1:05pm

I don’t think you can get the combined report directly what you required. But I would use multiple ISC APIs to try to build the report via Workflow or any programming language.

Get the list of deleted role or entitlement events by using Search API search-post | SailPoint Developer Community
Get the role name from the Search response, I’m not sure whether it returns role/entitlement IDs to use it in the next step.
Use the identity history API list-identity-snapshot-access-items | SailPoint Developer Community to loop through all the identities by using access item name filter and get the list.
Or try to use another search API instead of steps 2 & 3 to get the “Remove Role Passed” events with role name attribute value.

system · January 25, 2026, 1:05pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
More detailed logs of Access History in ISC ISC Discussion and Questions aggregation , identity-security-cloud , provisioning , access-history	6	52	January 29, 2026
How do we extract the report of users who has been removed from a set of Entitlements from a set period ISC Discussion and Questions identity-security-cloud , provisioning , access-requests , entitlements , access-history	6	88	January 13, 2026
Historical identities of a Role ISC Discussion and Questions identity-security-cloud , provisioning , roles , access-history	9	113	August 25, 2025
How can generate a single report of entitlements owned by terminated users in Sailpoint ISC ISC Discussion and Questions identity-security-cloud , access-requests , reports , access-history , reporting	3	46	December 16, 2025
Viewing Access History - SailPoint Identity Services Idea Discussions	1	73	September 4, 2024

Report for Deleted Access Items and Users Who Previously Had Them

Related topics