As an organization owner in an Identity and Access Management enabled organization that monitors violations, you can take action against the violations discovered in your organization. You access the full list of violations by navigating to Identity and Access Management > Governance > Violations.

The violations captured in your organization are grouped by the type of authentication method used to log in to VMware Cloud Services that triggered the violation. Click on the respective tab to view the full list and possible actions you can take to respond to a violation.
  • The OAuth Apps tab displays the name of the app that triggered the violation, its severity, description, and email of the organization member who created the OAuth app.
  • The API Tokens tab displays the name of the API token that triggered the violation, its severity, description, and the email of the organization member who created the API token.
  • The User Access tab displays the email of the organization member whose login attempt triggered the violation, its severity, the date the violation took place, and the source domain from which it occurred. A user access violation is captured for login attempts from any domain that is not allowed by the Source Domain authentication policy. For more information, see How do I manage user access at domain level.
The following table describes the actions you can take in response to violations in your organization.
To... Do the following...
Change the visibility of a violation This action changes the visibility status of a violation from Active to Hidden. It does not delete the violation and can be reverted.
  1. Locate the violation you want to hide and click its corresponding double arrow () to expand its details.
  2. Select the check box next to the active violation you want to hide.
  3. Click Hide.

    The violation is no longer displayed in the details section.

Display a violation that has been hidden This action displays violations with Hidden status.
  • Expand a violation's details section and switch on the Display All toggle. All violations that have been hidden are displayed.
Remove an OAuth app from your organization This action removes the OAuth app and blocks it from accessing the organization. The OAuth app is not deleted, yet no further violations will be reported from this app. The removal action cannot be reverted from the Violations page – to monitor violations from this OAuth app it has to be added to the organization again.
  1. On the Violations page, open the OAuth Apps tab.
  2. Locate the app you want to remove.
  3. Select the check box next to its name.
  4. Click Remove.
Edit the severity of a violation Based on your organization's needs, you can define the severity for any violation criterion.
  1. On the Violations page, click Settings.
  2. Use the Severity drop-down menu to change the setting for each violation criterion you want to modify.
  3. Click Save.