HelloID

Reconciliation is a governance feature aimed to ensure that the state of rights and permissions in target systems is as intended.

Users might change roles, leave the organization, or require adjustments to their access rights over time. Target applications will be updated, and errors may occur that also impact access rights. As a result, there can be a misalignment between the entitlements that should have been granted according to HelloID and the actual access rights within the target application.

The Reconciliation feature provides the ability to regularly verify that user accounts and permissions in external Active Directory and/or PowerShell v2 target systems match the state of entitlements within HelloID.

Reconciliation works by importing account and permission data from one or more connected target systems and comparing this data against the state of entitlements in HelloID. Any issues — such as unexpected accounts, missing permissions, or mismatching account statuses — are listed in a reconciliation report.

Depending on a system's reconciliation configuration, HelloID may automatically correct certain types of issues (e.g., re-create, enable, or disable accounts). Administrators can review and resolve the remaining issues manually, either individually or using bulk actions.

To get started, Set up reconciliation.