Identities
View and govern human and non-human identities with access to your data.
The Identities page consolidates every principal that can reach a monitored data asset — human users, service accounts, IAM roles, federated identities, and third-party tokens.
Identity inventory
For each identity Aurva shows:
- Type — human, service, role, federated, or third-party token
- Source — IdP, cloud IAM, database user, or external integration
- Reachable assets — count of data assets the identity can access, with breakdown by sensitivity
- Privilege level — read, write, admin, or root-equivalent
- Last seen — most recent observed activity
Risk surfaces
Aurva flags identities that exhibit any of:
- Access to many sensitive assets (concentration risk)
- Long-standing inactivity (stale credentials)
- Root or admin privileges that aren't required by usage patterns
- Use across unusual hours or geographies
Workflow
Use the External Identities widget on the Overview Dashboard for a quick top-N view, then drill into Identities for the full inventory and bulk actions like revoke or rotate suggestions.