# psLens for Security Administrators > How PeopleSoft security administrators use psLens to audit access, run security reports, and manage permission lists, roles, and users. --- LLMS index: [llms.txt](/llms.txt) --- ## The Challenge PeopleSoft security is complex. Users are assigned to roles. Roles contain permission lists. Permission lists grant access to components, pages, and web services. Understanding who has access to what means tracing through multiple layers, often across dozens of screens or with custom SQL queries. An overly-broad permission list can expose sensitive data; a forgotten role assignment can give someone access they should not have. Manual review misses both because there is too much to check. ## How psLens Changes This ### Automated Security Reports psLens includes built-in security audit reports that analyze your configuration and surface findings automatically: - **Full Access Report**: Identifies permission lists with unusually broad access across components - **Nodes Without Passwords**: Flags integration nodes configured without authentication - **Web Service Access Report**: Shows which permission lists can invoke web services and REST endpoints Reports run in the background and store results for review, download, and sharing. Run them on demand or schedule them as part of your regular audit cycle. ### Permission List Deep Dives Search for any permission list and instantly see: - Component access grants - Page-level permissions within each component - Which roles include this permission list - Which users are ultimately affected You skip the SQL and the page-by-page click-through. ### Role and User Tracing Start from any direction: - **From a user**: See all assigned roles and the permission lists they carry - **From a role**: See which users have it and what permission lists it contains - **From a permission list**: See which roles use it and which users are affected ### Security Chain Visualization Understanding the full security chain (User > Roles > Permission Lists > Component Access) usually means opening multiple windows and cross-referencing. psLens links everything together — click through the chain from any starting point. ### Reduce App Designer Access One of the simplest ways to improve your security posture is to remove App Designer access from people who only use it for research. Business analysts, functional consultants, auditors, and support staff often have App Designer access because there is no other way to look up PeopleSoft metadata. psLens gives them that capability without the ability to modify objects, run SQL, or connect directly to the database. See [Reducing App Designer Access](/docs/use-cases/reducing-app-designer-access/) for details. ## Common Security Audit Tasks | Task | Without psLens | With psLens | | ----------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------- | | Find all users with access to a component | Write SQL joining PSROLEUSER, PSROLECLASS, PSAUTHITEM | Search the component, see permission lists and trace to users | | Identify overly-broad permission lists | Manual review or custom queries | Run the Full Access report | | Check if nodes have passwords | Query PSMSGNODEDEFN manually | Run the Nodes Without Passwords report | | Audit web service access | Join multiple IB security tables | Run the Web Service Access report | | Document security for an audit | Export queries, format in Excel | Export from psLens to Markdown | ## Get Started
Request a Demo Security Reports Docs