Clarity Entitlements
- 09 Apr 2024
- 2 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Clarity Entitlements
- Updated on 09 Apr 2024
- 2 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
Much like Downstream Applications connected to Clarity, the entitlements listed under the Clarity Application are used to define access to Clarity itself. Clarity has several entitlements, each capable of granting a different type or level of access to the application. Some entitlements can be granted automatically when they login with SSO for the first time, see the section below for details: Granting Access.
Entitlements
The entitlements listed below serve a function and Clarity and provide some level of access or permissions in Clarity. Please see the section below regarding granting someone access to Clarity
- Access Certification Admin - Remediate and finalize Access Reviews. Allows Identity to be a Default Reviewer in an Access Review when no Supervisor/Owner is available. This also grants them the ability to view reviews they are not assigned to, though they cannot Approve/Deny review items not assigned to them.
- Admin - Grants access to all facets of Clarity.
- Base User - This is required for a user to log in to Clarity, but does not grant any other access. If a user had only this access, they would see nothing in the sidebar.
- Clarity Base Entitlement - This entitlement does not have a function, it is not automatically added to users in Clarity. This can be safely ignored.
- End User - This is the lowest level of access for an account in Clarity, granting access to only the Self-Service Portal (only "Request New Access").
- Manager - Grants access to Self-Service options: Manage Subordinates, New Worker, and Perform User Access Review. Manager entitlement is required to perform User Access Reviews. When using the "New Worker" function, the selection of Organizational Units is limited to the Manager's own Organization Units and those of their existing subordinates.
Entitlements currently not in use
The entitlements listed below do not serve a function in Clarity but are related to upcoming features.
Currently not in use:
- Audit
- Read All
- Reporting
Granting Access
Grant Clarity Login
When you click the Grant Clarity Login button depicted below (this is found on the Identity page for the individual user), this enables the account to Login by granting them the Base User and End User entitlements (see above).
Password
If email is enabled for your tenant, an email will be sent to the email address prompting you to reset and create a new password for your account.
First-time login with SSO
If you have SSO correctly configured for Clarity and login for the first time:
- User attempts to log in to Clarity, which redirects to the SSO provider of your choice. The user enters their credentials into this service.
- SSO Provider either approves or denies the login attempt (based on group membership), and tells Clarity whether the login was successful.
- Clarity will add the "Base User" and "End User" entitlements, and add the user to the list of accounts with the ability to log in.
- Clarity will also grant "Manager" entitlement if the user is assigned as a Reviewer on any Access Reviews (at the time of first login only).
If you have any problems, contact your customer success team. You can also get in touch with our general support via email, open a support ticket. Our general support team is available Monday - Friday from 8:00 AM - 6:30 PM CST.
Was this article helpful?
