As an Organization Owner user in an Identity Governance and Administration (IGA) activated Organization that monitors violations, you can take action against the violations discovered in your Organization. You access the full list of violations by navigating to .
The violations captured in your Organization are grouped by the type of authentication method used to log in to
VMware Cloud Services that triggered the violation. Click on the respective tab to view the full list and possible actions you can take to respond to a violation.
- The OAuth Apps tab displays the name of the app that triggered the violation, its severity, description, and email of the Organization user who created the OAuth app.
- The API Tokens tab displays the name of the API token that triggered the violation, its severity, description, and the email of the Organization user who created the API token.
- The User Access tab displays the email of the Organization user whose login attempt triggered the violation, its severity, the date the violation took place, and the source domain from which it occurred. A user access violation is captured for login attempts from any domain that is not allowed by the Source Domain authentication policy. For more information, see .
The following table describes the actions you can take in response to violations in your Organization.
To... | Do the following... |
---|---|
Change the visibility of a violation | This action changes the visibility status of a violation from Active to Hidden. It does not delete the violation and can be reverted.
|
Display a violation that has been hidden | This action displays violations with Hidden status.
|
Remove an OAuth app from your Organization | This action removes the OAuth app and blocks it from accessing the Organization. The OAuth app is not deleted, yet no further violations will be reported from this app. The removal action cannot be reverted from the Violations page – to monitor violations from this OAuth app it has to be added to the Organization again.
|
Edit the severity of a violation | Based on your Organization's needs, you can define the severity for any violation criterion.
|