Audit and Review User Access

Generate comprehensive access reports, identify security risks, ensure compliance, and prepare for audits.

Quarterly Access Review Workflow

Step 1: Get Complete User List

Bash
    
 
GET /admin/api/users/list
Copy

Export to spreadsheet for review.

Step 2: Check Each User's Access

Bash
    
 
# For each user:GET /authz/api/v1/users/user-XXX/rolesGET /authz/api/v1/users/permissions?userId=user-XXX
Copy

Step 3: Identify Issues

Red Flags:

Users with no groups (direct role assignments)
Users with admin access who shouldn't have it
Inactive users (last login >90 days)
Contractors with permanent employee access
Users in too many groups (>5)

Step 4: Generate Report

Report Template:

User	Email	Groups	Roles	Last Login	Issues
user-123	sarah@...	Data Eng	viewer	2024-12-05	OK
user-124	old@...	8 groups	admin	2024-06-01	Inactive, Too many groups

Step 5: Take Action

Bash
    
​x
 
# Disable inactive usersPUT /admin/api/users/user-124 {"enabled": false}​# Remove excess groupsPUT /admin/api/users/user-124/remove-groups {...}
Copy

APIs Used

GET /admin/api/users/list - All users with details
GET /authz/api/v1/users/:userId/roles - User roles
GET /authz/api/v1/users/permissions - Effective permissions
GET /admin/api/users/count - Total user count

Last updated on

Was this page helpful?