Filtering by users, teams, or roles using the Identity Inventory

TLS Protect allows you to view information about users and teams that have access to objects in Trust Protection Platform. Collectively when we refer to users and teams, we call them identities.

Everyone can search for users or teams. However to search for roles (or to see roles on a different identity's details page, you need to meet the following condition:

  • Your user account has View and Read permissions to \VED\Identity in the policy tree

To find a specific user, team, or role

  1. Click your user icon, then click My Teams.

  2. Do one of the following:

    1. To find a specific identity (user, account, or team) start typing the first few letters of the identity's name or account name in the Name or Account box.

    2. To find members of a team, start typing the first few letters of the team name in the Membership by Team box, then click it to see a list of its members in results panel.

    3. [Conditional: If you have permissions] To find users assigned a specific role, click the Roles box and select one of the following roles:

      • Master Admin: grants access to every object, certificate, key, identity, and permission in the system. See About the Master Admin role.

        WARNING!  Use the Master Admin role with extreme caution. Users to whom you assign the Master Admin role have full permissions to every object in the Trust Protection Platform database, including certificates, private keys, and credentials. You cannot hide any objects in the system from users who have been given this role.

      • WebSDK Access: grants users programmatic access to Venafi's Web SDK. See Authorizing identity access for API Keys.

      • Auditor: grants read access to view objects that are public, such as certificates, CSRs, and public keys. Also grants read access to view certain metadata about objects with higher security requirements, such as private keys. Can also read and run existing reports. To assign the auditor role, see Adding the Auditor role to a user or group.

        NOTE  If the auditor role is assigned to a user, all other permission assignments to that user are ignored.

      For additional information, see Understanding roles.

    4. To see a single identity's groups and their roles in those groups, type the identity name in the Members box.
    5. To see what groups a team belongs to, type the group name in the Members box.

Related Topics Link IconRelated Topics