Identity chain
What makes the user trustworthy?
alice@company.com
org identity
acct_01AbcXyz...
provider account
Users detail story
Alice should be shown as a stable but high-consequence user story: trusted identity, meaningful access, and influence across shared lanes.
A user detail page is most valuable when it explains trust, consequence, and shared scope rather than repeating static account metadata.
Trusted but consequential user
Why does this user deserve a story page if she is not the unresolved one?
Sessions
6
Most of the high-signal developer work
Spend
NaN
Large enough to anchor recent activity
Primary lane
NaN
Shared with other important sessions
Sensitive context
NaN
Auth and config work appear often
c6 detail reference
alice@company.com
Significance
Email :
alice@company.com
Role :
engineer
OS Username :
alice
Account ID :
acct_01AbcXyz...
Organization :
qpoint-dev
Primary Agent :
Claude Code
Sessions
The raw detail keeps recent runs tied to endpoint and model.
Agent | Endpoint | Model | Started | Cost |
|---|---|---|---|---|
| Claude Code | alice-mbp.local | claude-sonnet-4-6 | 14 min ago | $0.43 |
| Claude Code | alice-mbp.local | claude-sonnet-4-6 | 4 hr ago | $0.87 |
| Cursor | alice-mbp.local | claude-opus-4-6 | yesterday | $1.11 |
Endpoints
c6 pairs the user with the machines they actually use.
Hostname | OS | Type | Sessions |
|---|---|---|---|
| alice-mbp.local | macOS | developer | 6 |
| 10.0.1.44 | macOS | unknown | 1 |
Key findings
What this representative item changes in the story
3 findings
Finding | Body | Operator note |
|---|---|---|
Trust starts strong here | Email, account id, and host all align cleanly for Alice. | That makes her a strong narrative anchor for the rest of the graph. |
Shared infrastructure is the caveat | The user is known, but the key and some adjacent tooling remain shared. | That is why the page still needs a meaning layer. |
Normal work can be consequential | Alice’s work touches auth and configuration context often enough to shape the story. | Consequence does not require obviously suspicious behavior. |
Immediate actions
Point to action before deeper raw inspection
3 actions
Use Alice as a baseline anchor :
Compare unresolved or weaker identity chains against this stable user pattern.
Review the shared key around the lane :
Confirm whether the shared credential use matches Alice’s normal work shape.
Trace the highest-signal session :
Open the session story to follow how Alice’s work moved from company context to outbound traffic.
User trust map
The user story should connect person, endpoint, agent, and company context into one accountability view.
user
A meaning-layer user page is about anchored interpretation, not only account metadata.
Focus
alice@company.com
Stable developer identity tied to the most meaningful recent work.
trusted anchor
Execution lane
How does the user work?
Claude Code
primary lane
alice-mbp.local
stable host
Company context
What does the user touch?
api-refactor
auth repo path
.env + config files
sensitive context
Shared infrastructure
What complicates the story?
shared org key
caveat
provider traffic
expected but relevant
identity strength
high
company consequence
high
shared caveat
1
next drill
session detail
Evidence bundles
Bundle the story instead of reconstructing it from rows
4 bundles
Bundle | Body | Why it matters |
|---|---|---|
Identity bundle | alice@company.com, acct_01AbcXyz..., and OS username alice all align. | This is the strongest trust anchor in the lane. |
Execution bundle | Claude Code on alice-mbp.local is the dominant lane for recent meaningful work. | This explains why Alice appears near several other high-signal entities. |
Context bundle | Auth and config-related repo paths recur in Alice’s recent sessions. | That is why her work carries company consequence. |
Boundary bundle | Some of the important file activity in Alice’s sessions precedes outbound traffic. | The sequence is why the story matters operationally. |