Prod Discrepancies - 2026-04-01

Tenant: default tenant

1. Authority path status shows Active even when the path is not executing

  • Observed: 10 total paths; 5 show 0 observed executions in 30 days but still display status Active
  • Expected: If Active means actively executing, paths with no observed executions should not be labeled Active
  • Impact: The UI overstates real activity and may mislead operators about which paths are actually in use

2. Authority path details show contradictory execution/grant messaging

  • Observed: For paths with no observed executions, the details view includes:
    • Additional standing authority, not exercised
    • All grants for this workload have been observed executing
  • Expected: Messaging should be internally consistent with the path's observed execution history
  • Impact: The details page creates conflicting interpretations of actual vs standing authority

3. Non-exercised standing authority is being surfaced as a governance condition

  • Observed: Access paths with 0 observed executions show Unproven execution as an active governance condition/risk
  • Expected: This state should appear under Standing authority not exercised, not as a governance condition
  • Why: Governance conditions should be reserved for actual risk signals such as corporate identity, scope drift, owner removal, long-lived credentials, identity reuse, and similar policy/risk findings
  • Impact: The UI conflates unused authority with governance risk, which distorts prioritization and makes the path state harder to interpret

4. Microsoft Graph role references show non-actionable technical IDs instead of role names

  • Observed: Microsoft Graph roles are shown using technical IDs rather than human-readable role names. Other role sources appear to render names correctly
  • Expected: Microsoft Graph roles should also display role names, consistent with other role types
  • Why: The technical ID is not locatable/searchable in Azure and does not help investigation
  • Impact: Microsoft Graph role references are harder to understand and less operationally useful than other role references

5. Grouping by identity changes Observed executions to unclear Max executions terminology

  • Observed: When the dashboard is grouped by identity, the Observed executions column changes to Max executions, and the count formatting changes to N max
  • Expected: Preserve Observed executions terminology consistently when changing grouping/filtering on the same dashboard
  • Why: Grouping should not silently change the meaning or labeling of the primary execution metric unless that distinction is explicitly necessary and explained
  • Impact: The dashboard becomes harder to interpret and may imply a metric change the user did not ask for

6. Governance condition rows duplicate risk state with a redundant Failing pill

  • Observed: Each governance condition already has a left-side risk indicator icon, but the row also repeats the same state with a Failing pill on the right
  • Expected: Remove the Failing pill and rely on the existing icon/condition styling to convey status
  • Why: The pill does not add new information and creates unnecessary visual noise
  • Impact: The section feels denser and less scannable without improving clarity

7. Am I Exposed? cards use oversized value text that looks off-brand and gets truncated

  • Observed: Card values, except for Egress type, use an excessively large font. The text looks visually inconsistent with the rest of the application and can be cut off when it does not fit within the tile
  • Expected: Reduce the value font size to align with the application's normal typography scale and ensure values fit within the card layout
  • Why: The current typography is visually jarring and causes avoidable truncation
  • Impact: The section is less readable and feels less polished than the rest of the product

8. Create ticket on access path/access chain is disabled and inconsistent with the working Top Risk Reducers pattern

  • Observed: The Create ticket button exists on the access path/access chain view but is disabled. A working Create ticket capability already exists in Top Risk Reducers
  • Expected: Enable Create ticket on access path/access chain views, match the styling/branding used in Top Risk Reducers, and reuse the same interaction pattern
  • Why: The product already has an established ticket-creation pattern that is functional and understandable
  • Impact: Users are blocked from taking action directly from the path/chain context and see inconsistent action behavior across the product