To view user certification details:
In the Self Service tab of Oracle Identity Self Service, click the Certifications box. The Pending Certifications page is displayed with a list of certification tasks assigned to you, and for which you are the primary reviewer or delegated reviewer.
Click a certification task name to open it in a new page. The user certification summary of the certification task opens in a new page.
Review the following sections of the user details:
The user certification name and certification creation date appears at the top of the page. Clicking the information icon adjacent to the certification name displays a Certification Details pop-up with detailed statistics of the current certification being reviewed. The details include information about Overview, Progress Details, and History.
In the table that lists the users, the user name is a hyperlink. Clicking this hyperlink opens the access details of the user.
|
Note: Access details of the user are described in steps 4 through 6 in this procedure. |
The Detailed Information section consists of the following tabs:
User Information: This tab displays user attributes that are included in the certification snapshot during certification generation. The user name is a hyperlink. Click the user name to display the user details in a new tab.
Risk Summary: This tab identifies why a user's Risk Summary is High/Medium/Low based on various factors. The pie chart in this tab displays the overall breakdown of a user's risk. Click any area of the chart to open the detail screen of the user certification. To view the risk items in a tooltip, place your mouse pointer over the charts.
This tab also displays a graph that breaks down the risk levels based on the roles, accounts, and entitlements the user has, as well as their associated risk levels. Click any area of the graph to open the detail screen of the user certification. To view the risk items in a tooltip, place your mouse pointer over the graph.
Action History: This tab displays the various delegation paths available on the user details page, and a trail of the actions taken by the reviewers as well as by Oracle Identity Manager. Possible details displayed include all the actions that are available in the Actions menu, as well as proxy, escalate, expire, and route. The route action indicates that certification oversight is active.
Review the following sections of the role details displayed when you click the user name to view the user details:
|
Note: Depending on the entities assigned to the user, such as roles, accounts, and entitlements, the information is displayed, as described in steps 4 through 6. |
The User Detail section displays the user attributes that are included in the certification snapshot during certification generation.
The table lists the roles with Display Name, Action, and Risk Summary.
The Detailed Information section consists of the following tabs:
Catalog Information: This tab displays the default catalog attributes that are included as part of the default snapshot creation. The Name and Owner fields are hyper-linked. Clicking these hyperlinks opens the role detail and user details pages in new tabs.
Risk Summary: This tab identifies why the Risk Summary is High, Medium, or Low based on various factors, such as Item Risk, Last Certification Decision, Provisioning Method, and Audit Violations. If there are no audit violations associated with the item, then the Audit Violations entry is not displayed. The Provisioning Method field is hyper-linked. Clicking this hyperlink opens the appropriate access policy or access request details in a new tab.
Certification History: This tab displays the various certification decisions made by reviewers in the past on the given line-item.
Action History: This tab displays the phase in which the reviewer made a given decision. Possible values include all the actions that are available in the Actions menu, as well as proxy, escalate, and expire.
Audit Violations: This tab displays a list of audit violations associated with the selected item. Information includes the policy name, status, remediator, and severity for each audit violation. If there are no audit violations, then the list is empty.
|
Note: The Audit Violations tab applies only to the User Certification type. |
Review the following sections of the account details:
The account name and the application instance name are displayed in the table, along with the underlying entitlements associated to the account. Accounts and entitlements are indicated by different icons.
The Detailed Information section consists of the following tabs:
Catalog Information: This tab displays the account details that are the default catalog attributes. These attributes must be included as part of the default snapshot creation. The Name and Certifier fields are hyper-linked. Clicking these hyperlinks opens the account detail and user details pages in new tabs.
Risk Summary: This tab identifies why the Risk Summary is High, Medium, or Low based on various factors, such as Item Risk, Last Certification Decision, Provisioning Method, and Audit Violations. If there are no audit violations associated with the item, then the Audit Violations entry is not displayed. The Provisioning Method field is hyper-linked for an access request. Clicking this hyperlink opens the appropriate access policy or access request details in a new tab.
Certification History: This tab displays the various certification decisions made by reviewers in the past on the given line-item.
Action History: This tab displays the phase in which the reviewer made a given decision. Possible values include all the actions that are available in the Actions menu, as well as proxy, escalate, and expire.
Audit Violations: This tab displays a list of audit violations associated with the selected item. Information includes the policy name, status, remediator, and severity for each audit violation. If there are no audit violations, then the list is empty.
Review the following sections of the entitlement details:
The account name and the application instance name are displayed in the table, along with the underlying entitlements associated to the account. Accounts and entitlements are indicated by different icons.
The Detailed Information section consists of the following tabs:
Catalog Information: This tab displays the entitlement details that are the default catalog attributes. These attributes must be included as part of the default snapshot creation. The Display Name and Certifier fields are hyper-linked. When you click the Display Name of the entitlement, the granular entitlement hierarchy, if it is being captured in the catalog for a given entitlement, is displayed in a new tab. Clicking the Certifier name opens the user details page in a new tabs.
Risk Summary: This tab identifies why the Risk Summary is High, Medium, or Low based on various factors, such as Item Risk, Last Certification Decision, Provisioning Method, and Audit Violations. If there are no audit violations associated with the item, then the Audit Violations entry is not displayed. The Provisioning Method field is hyper-linked. Clicking this hyperlink opens the appropriate access policy or access request details in a new tab.
Certification History: This tab displays the various certification decisions made by reviewers in the past on the given line-item.
Action History: This tab displays the phase in which the reviewer made a given decision. Possible values include all the actions that are available in the Actions menu, as well as proxy, escalate, and expire.
Audit Violations: This tab displays a list of audit violations associated with the selected item. Information includes the policy name, status, remediator, and severity for each audit violation. If there are no audit violations, then the list is empty.
To display the details of the access rights for the next user in the certification task, click Next at the top of the page. You can click First, Previous, Next, and Last buttons to navigate between the pages for the access rights of each user. You can click Back to Summary to go back to the user certification detail page.