Universal Directory

Gather precise information across all your identities and their activities with preconfigured reports under the following categories:

General Reports

The following report is available under this category.

Newly Added Users: This report provides a list of the user accounts that were created within the specified period. You can view the display name of a created user object, the user who added it, the directory type, the creation time, and more.

The following reports are available under this category:

User Logon Activity: This report shows the logon activity of all users. You can view the logon time, logon status, client IP address from which the logon activity took place, and more.
User Logon Failure: This report generates the number of failed logons along with their details, like the logon time, the reason for the failed logon attempt, and the client IP address from which the logon activity took place.
Active User Sessions: This report displays a comprehensive list of users and technicians currently logged in. It provides details such as their display names, the count of active sessions, and directory information, including directory type and name. Additionally, you have the option to close all sessions for a user or a technician directly from this report.
Inactive Users: This report lists the users or technicians who have not logged on or whose sessions have been idle over the past specified number of days. It also lists the sessions where the technicians logged on to Identity360.

The following reports are available under this category.

SSO Assigned Users: This lists the users assigned to the selected application. You can view details like the user who assigned the application and the date of the assignment.
SSO Usage: This shows how many times a user has logged on to an application using SSO during any specific period. You can also see the last time an application was used by a user.

The following reports are available under this category:

Enrolled Users: This report shows the details of users who have registered for MFA and the authenticators they have enrolled in. It displays information such as a user's first and last name, logon name, enrollment status, enrollment time, as well as the time of the most recent modification of enrollment data, the associated directory name and type, and the option to generate backup codes.

To learn more about enrolled and partially enrolled users displayed in the Enrollment Status column, see user enrollment status.
The View option in the Enrolled Authenticators column displays the list of authenticators that each user has enrolled in. Additionally, if you wish to disenroll a user from a particular authenticator, you can click Delete.

Note: The primary email address of the user cannot be deleted as it is used for logging in to Identity360.

The Generate Code option under the Admin Backup Code column allows admins to generate backup codes that can be sent to users for identity verification in situations where they cannot access their MFA device or use their enrolled MFA authentication factors. Learn more.
Set the expiration time for the backup verification codes by selecting the pencil icon to limit the use of backup codes for a specific period. The expiration time must be at least 10 minutes and cannot exceed the maximum limit of 360 minutes.

Note: To activate the option to generate backup codes for users, refer to Advanced Settings.

If you wish to disenroll users from the secondary authenticators, select the users and click the Disenroll option.
Select All Authenticators or the specific authenticators you want the user to be disenrolled from and click OK.

Non-Enrolled Users: This report displays the details of the users who have not enrolled in any authentication method, as well as the users who have been disenrolled by admins through the Enrolled Users report. It presents information such as each user's display name, email address, enrollment status, and directory.
MFA Attempts: This report shows both the successful and failed attempts made by users when logging on to Identity360 with the authenticators they used to verify their identity. It presents details such as the username, authentication time, device and browser details, authenticators used, verification status, and user's IP address.

The User Agent Details column displays the OS, browser, and device through which the verification was performed.
The Authenticator Attempts column provides information about the authenticators through which each user validated their identity before gaining access, the time of authentication, and whether they successfully authenticated and logged on to Identity360.

MFA Protected Devices: This report provides details about the devices secured by Identity360's MFA. It includes information such as the device name; whether the device is linked to Azure AD or hybrid Azure AD; the name, type, and version of the OS installed in the device; as well as the agent version and installation time. It also displays the last time the device was connected to Identity360.

The following report is available under this category.

License Reclaimed Users: This shows the details of all the users whose licenses have been revoked in the specified period.