> ## Documentation Index
> Fetch the complete documentation index at: https://docs.oleria.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Business rules

Business rules in Workspace Settings let you configure thresholds and classifications that Oleria uses across identity security analytics. Adjusting these settings shapes how dormancy, risk SLAs, and access token validity are evaluated throughout the product.

For example, Oleria defaults to classifying any account as dormant after 30 days of inactivity. If your organization's policy uses a different threshold, you can update that here - and the change will be reflected in dashboards, group status, and the access graph.

Only Administrators can change business rule settings.

## Dormant days

Define the number of days of inactivity after which an account is considered dormant. This value affects dormant account counts in dashboards, group status in Group Utilization, activity paths in the Access Graph, and the Workspace dashboard's dormant account and unutilized group metrics.

Oleria's default is **30 days**.

<Steps>
  <Step title="Navigate to Dormant Days settings">
    Go to **Settings** → **Business Rules** → **Dormant Days**.
  </Step>

  <Step title="Set the threshold">
    Enter the number of days after which an account is considered inactive.

    ![Dormant Days configuration in Business Rules settings](https://cdn.prod.website-files.com/63fc7e99bfef1938067db500/67ca38c0a2b077e9ea431720_AD_4nXdk3cn3Is1KXDciZYdbbo7k2WtOHTQxgJ-Zt6NDACvTN00hTIlcypdSLPhj4HCsroVxQ9sACssA_ymvJ7d748LqKMBP3iguR4TBTUXipffiBOQADAr7P1A16cD9Q6fRqzA.png)
  </Step>

  <Step title="Save and confirm">
    Save the change. The new value takes effect after the next data sync, which typically completes within one hour.
  </Step>
</Steps>

<Note>
  After the change takes effect: account active/inactive status updates across Group Utilization data and graphs; solid and dotted lines in the Access Graph reflect the new threshold; and the Workspace dashboard updates dormant account and unutilized group metrics.
</Note>

## Service level agreement (SLA)

Define the number of days for each risk severity level after which a risk is considered out of SLA. This affects the SLA breakdown metrics in Risk Monitoring.

Oleria's defaults:

* **Critical** - 3 days or more
* **High** - 7 days or more
* **Moderate** - 30 days or more
* **Low** - 60 days or more

<Steps>
  <Step title="Navigate to SLA settings">
    Go to **Settings** → **Business Rules** → **Service Level Agreement**.
  </Step>

  <Step title="Set the SLA thresholds">
    Enter the number of days for each risk severity level.

    ![Service Level Agreement configuration in Business Rules settings](https://cdn.prod.website-files.com/63fc7e99bfef1938067db500/67ca38c033176b313ba6a5b6_AD_4nXfzAd3Ugi0Z_TuDvGUf97c_0igsKLEFr23o6VYyyOx3O8JARcGHQhQKpn0ovE5MY_KQFV8RY3BnbL-_5elNA9dKx-ADC9M0f7grfeVUXhUOo5e-gpL3gGuNbAPmm-AWHA.png)
  </Step>

  <Step title="Save and confirm">
    Save the change. The new values take effect after the next data sync and apply to existing synced data as well. This typically completes within one hour.
  </Step>
</Steps>

## Personal access tokens

Access tokens authenticate to SaaS applications in place of usernames and passwords. For GitHub, personal access tokens (PATs) are common when authenticating from the command line or via APIs.

Define the maximum number of days a personal access token is considered valid. Tokens older than this threshold are flagged as a risk.

<Steps>
  <Step title="Navigate to Personal Access Tokens settings">
    Go to **Settings** → **Business Rules** → **Personal Access Tokens**.
  </Step>

  <Step title="Set the maximum validity period">
    Enter the maximum number of days for which a personal access token is considered valid.
  </Step>

  <Step title="Save the change">
    Save the setting.
  </Step>
</Steps>

## Contact us

For questions, contact us at [support@oleria.com](mailto:support@oleria.com).
