diff --git a/public/__redirects b/public/__redirects
index db30468978030d..cf971c8ed9e254 100644
--- a/public/__redirects
+++ b/public/__redirects
@@ -2146,7 +2146,7 @@
/cloudflare-one/analytics/private-network-discovery/ /cloudflare-one/insights/analytics/shadow-it-discovery/#private-network-origins 301
/cloudflare-one/analytics/access/ /cloudflare-one/insights/analytics/access/ 301
/cloudflare-one/analytics/gateway/ /cloudflare-one/insights/analytics/gateway/ 301
-/cloudflare-one/analytics/users/ /cloudflare-one/insights/logs/users/ 301
+/cloudflare-one/analytics/users/ /cloudflare-one/team-and-resources/users/users/ 301
/cloudflare-one/api-terraform/access-api-examples/azure-group/ /cloudflare-one/api-terraform/access-api-examples/entra-group/ 301
/cloudflare-one/api-terraform/gateway-api-examples/ /cloudflare-one/policies/gateway/ 301
/cloudflare-one/api-terraform/gateway-api-examples/dns-policy/ /cloudflare-one/policies/gateway/dns-policies/common-policies/ 301
@@ -2252,7 +2252,7 @@
/cloudflare-one/identity/idp-integration/ping-saml/ /cloudflare-one/identity/idp-integration/pingfederate-saml/ 301
/cloudflare-one/identity/idp-integration/saml-okta/ /cloudflare-one/identity/idp-integration/okta-saml/ 301
/cloudflare-one/identity/login-page/ /cloudflare-one/applications/login-page/ 301
-/cloudflare-one/insights/analytics/ /cloudflare-one/insights/analytics/analytics-overview/ 301
+/cloudflare-one/insights/analytics/ /cloudflare-one/insights/analytics-overview/ 301
/cloudflare-one/insights/dex/fleet-status/ /cloudflare-one/insights/dex/monitoring/ 301
/cloudflare-one/insights/logs/logpush/rdata/ /cloudflare-one/insights/logs/logpush/#parse-logpush-logs 301
/cloudflare-one/applications/custom-pages/ /cloudflare-one/applications/ 301
@@ -2423,6 +2423,9 @@
/cloudflare-one/applications/casb/ /cloudflare-one/cloud-and-saas-findings/ 301
/cloudflare-one/applications/casb/manage-findings/ /cloudflare-one/cloud-and-saas-findings/manage-findings/ 301
/cloudflare-one/applications/casb/casb-dlp/ /cloudflare-one/cloud-and-saas-findings/casb-dlp/ 301
+/cloudflare-one/insights/analytics/analytics-overview/ /cloudflare-one/insights/analytics-overview/ 301
+/cloudflare-one/insights/risk-score/ /cloudflare-one/team-and-resources/users/risk-score/ 301
+/cloudflare-one/insights/logs/users/ /cloudflare-one/team-and-resources/users/users/ 301
# Email Security new revamp
/cloudflare-one/email-security/email-monitoring/download-report/ /cloudflare-one/email-security/monitoring/download-report/ 301
diff --git a/src/content/changelog/risk-score/2024-06-17-okta-risk-exchange.mdx b/src/content/changelog/risk-score/2024-06-17-okta-risk-exchange.mdx
index 38c8e2c55a7031..8ea537e6da6066 100644
--- a/src/content/changelog/risk-score/2024-06-17-okta-risk-exchange.mdx
+++ b/src/content/changelog/risk-score/2024-06-17-okta-risk-exchange.mdx
@@ -6,6 +6,6 @@ date: 2024-06-17
import { Render } from "~/components";
-Beyond the controls in [Zero Trust](/cloudflare-one/), you can now [exchange user risk scores](/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) with Okta to inform SSO-level policies.
+Beyond the controls in [Zero Trust](/cloudflare-one/), you can now [exchange user risk scores](/cloudflare-one/team-and-resources/users/risk-score/#send-risk-score-to-okta) with Okta to inform SSO-level policies.
diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-saml-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-saml-saas.mdx
index 0f5aa870a98d5b..aa09ff36e8b8b1 100644
--- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-saml-saas.mdx
+++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-saml-saas.mdx
@@ -105,7 +105,7 @@ To send additional SAML attributes to your SaaS application, configure the follo
### JSONata transforms
-In **Advanced settings** > **Transformation**, you can enter a [JSONata](https://jsonata.org/) script that modifies a copy of the [User Registry identity](/cloudflare-one/insights/logs/users/). This is useful for setting default values, excluding email addresses, or ensuring usernames meet arbitrary criteria. Access will send the modified user identity to the SaaS application as SAML attributes.
+In **Advanced settings** > **Transformation**, you can enter a [JSONata](https://jsonata.org/) script that modifies a copy of the [User Registry identity](/cloudflare-one/team-and-resources/users/users/). This is useful for setting default values, excluding email addresses, or ensuring usernames meet arbitrary criteria. Access will send the modified user identity to the SaaS application as SAML attributes.
:::note
JSONata transformations are not compatible with [SAML attribute statements](#saml-attribute-statements). JSONata transformations will override any specified SAML attributes.
diff --git a/src/content/docs/cloudflare-one/changelog/risk-score.mdx b/src/content/docs/cloudflare-one/changelog/risk-score.mdx
index 5862ba232811df..41c6187bc94fd0 100644
--- a/src/content/docs/cloudflare-one/changelog/risk-score.mdx
+++ b/src/content/docs/cloudflare-one/changelog/risk-score.mdx
@@ -17,4 +17,4 @@ import { ProductChangelog, Render } from "~/components";
**SentinelOne signal ingestion**
-You can now configure a [predefined risk behavior](/cloudflare-one/insights/risk-score/#predefined-risk-behaviors) to evaluate user risk score using device posture attributes from the [SentinelOne integration](/cloudflare-one/integrations/service-providers/sentinelone/).
+You can now configure a [predefined risk behavior](/cloudflare-one/team-and-resources/users/risk-score/#predefined-risk-behaviors) to evaluate user risk score using device posture attributes from the [SentinelOne integration](/cloudflare-one/integrations/service-providers/sentinelone/).
diff --git a/src/content/docs/cloudflare-one/insights/analytics/analytics-overview.mdx b/src/content/docs/cloudflare-one/insights/analytics-overview.mdx
similarity index 99%
rename from src/content/docs/cloudflare-one/insights/analytics/analytics-overview.mdx
rename to src/content/docs/cloudflare-one/insights/analytics-overview.mdx
index f2bd7126749d97..900514499e3834 100644
--- a/src/content/docs/cloudflare-one/insights/analytics/analytics-overview.mdx
+++ b/src/content/docs/cloudflare-one/insights/analytics-overview.mdx
@@ -2,7 +2,7 @@
pcx_content_type: reference
title: Analytics overview
sidebar:
- order: 2
+ order: 1
---
The Cloudflare One Analytics overview provides a dashboard that reports on how Cloudflare One is protecting your organization and networks.
diff --git a/src/content/docs/cloudflare-one/insights/analytics/index.mdx b/src/content/docs/cloudflare-one/insights/analytics/index.mdx
index d6f5d0e803e678..4741b0fcc065ed 100644
--- a/src/content/docs/cloudflare-one/insights/analytics/index.mdx
+++ b/src/content/docs/cloudflare-one/insights/analytics/index.mdx
@@ -1,6 +1,6 @@
---
pcx_content_type: navigation
-title: Analytics
+title: Dashboards
sidebar:
order: 1
group:
@@ -9,6 +9,6 @@ sidebar:
import { DirectoryListing, Render } from "~/components";
-[Zero Trust](https://one.dash.cloudflare.com/) analytics provide a summary of your applications and traffic.
+[Cloudflare One](https://one.dash.cloudflare.com/) provides a catalog of saved analytics views for reporting and investigation.
diff --git a/src/content/docs/cloudflare-one/insights/dex/index.mdx b/src/content/docs/cloudflare-one/insights/dex/index.mdx
index 0a0b64a8bfa405..a0ebdbba1faaae 100644
--- a/src/content/docs/cloudflare-one/insights/dex/index.mdx
+++ b/src/content/docs/cloudflare-one/insights/dex/index.mdx
@@ -1,6 +1,6 @@
---
pcx_content_type: navigation
-title: DEX
+title: Digital experience
sidebar:
order: 1
---
diff --git a/src/content/docs/cloudflare-one/insights/index.mdx b/src/content/docs/cloudflare-one/insights/index.mdx
index 453fbc50a88b24..f32bafe36bec57 100644
--- a/src/content/docs/cloudflare-one/insights/index.mdx
+++ b/src/content/docs/cloudflare-one/insights/index.mdx
@@ -9,6 +9,6 @@ sidebar:
import { DirectoryListing } from "~/components";
-Cloudflare Zero Trust gives you comprehensive and in-depth visibility into your network. Whether you need data on network usage, on security threats blocked by Cloudflare Zero Trust, or on how many users have logged in to your applications this month, Zero Trust provides you with the right tools for the job.
+Cloudflare One provides observability tools to monitor your environment. View traffic metrics for Access applications and Gateway policies in Dashboards, monitor endpoint and network performance with Digital Experience Monitoring (DEX), and analyze logs for security events.
diff --git a/src/content/docs/cloudflare-one/insights/logs/scim-logs.mdx b/src/content/docs/cloudflare-one/insights/logs/scim-logs.mdx
index 181714649579e8..6ca0076f787fe5 100644
--- a/src/content/docs/cloudflare-one/insights/logs/scim-logs.mdx
+++ b/src/content/docs/cloudflare-one/insights/logs/scim-logs.mdx
@@ -14,7 +14,7 @@ SCIM activity logs allow administrators to audit how [SCIM provisioning](/cloudf
For an overview of SCIM events across all users, log in to [Zero Trust](https://one.dash.cloudflare.com/) and go to **Logs** > **SCIM provisioning**. This page lists the inbound SCIM requests from all identity providers configured with SCIM. You can select an individual request to view more details about the SCIM operation.
-To investigate how SCIM events impacted a specific user, go to their [User Registry identity](/cloudflare-one/insights/logs/users/).
+To investigate how SCIM events impacted a specific user, go to their [User Registry identity](/cloudflare-one/team-and-resources/users/users/).
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/okta.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/okta.mdx
index cef930ddb8bdd0..d4e6c1d574e50d 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/okta.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/okta.mdx
@@ -8,7 +8,7 @@ import { Render } from "~/components";
Okta provides cloud software that helps companies manage and secure user authentication to modern applications, and helps developers build identity controls into applications, website web services, and devices. You can integrate Okta with Cloudflare One and build rules based on user identity and group membership. Cloudflare One supports Okta integrations using either the OIDC (default) or [SAML](/cloudflare-one/integrations/identity-providers/okta-saml/) protocol.
-Additionally, you can configure Okta to use risk information from Cloudflare One [user risk scores](/cloudflare-one/insights/risk-score/) to create SSO-level policies. For more information, refer to [Send risk score to Okta](/cloudflare-one/insights/risk-score/#send-risk-score-to-okta).
+Additionally, you can configure Okta to use risk information from Cloudflare One [user risk scores](/cloudflare-one/team-and-resources/users/risk-score/) to create SSO-level policies. For more information, refer to [Send risk score to Okta](/cloudflare-one/team-and-resources/users/risk-score/#send-risk-score-to-okta).
## Prerequisites
diff --git a/src/content/docs/cloudflare-one/integrations/service-providers/sentinelone.mdx b/src/content/docs/cloudflare-one/integrations/service-providers/sentinelone.mdx
index 492a8c3c33e601..c18cb1a3bea22b 100644
--- a/src/content/docs/cloudflare-one/integrations/service-providers/sentinelone.mdx
+++ b/src/content/docs/cloudflare-one/integrations/service-providers/sentinelone.mdx
@@ -79,4 +79,4 @@ Device posture data is gathered from the SentinelOne Management APIs. For more i
### Detect user risk behavior
-SentinelOne provides endpoint detection and response (EDR) signals to determine [user risk score](/cloudflare-one/insights/risk-score/). User risk scores allow you to detect users that present security risks to your organization. For more information, refer to [Predefined risk behaviors](/cloudflare-one/insights/risk-score/#predefined-risk-behaviors).
+SentinelOne provides endpoint detection and response (EDR) signals to determine [user risk score](/cloudflare-one/team-and-resources/users/risk-score/). User risk scores allow you to detect users that present security risks to your organization. For more information, refer to [Predefined risk behaviors](/cloudflare-one/team-and-resources/users/risk-score/#predefined-risk-behaviors).
diff --git a/src/content/docs/cloudflare-one/team-and-resources/devices/index.mdx b/src/content/docs/cloudflare-one/team-and-resources/devices/index.mdx
index e3feed0898cb44..1fa7d930cb4120 100644
--- a/src/content/docs/cloudflare-one/team-and-resources/devices/index.mdx
+++ b/src/content/docs/cloudflare-one/team-and-resources/devices/index.mdx
@@ -2,7 +2,7 @@
pcx_content_type: navigation
title: Devices
sidebar:
- order: 4
+ order: 2
---
import { DirectoryListing, Render } from "~/components";
diff --git a/src/content/docs/cloudflare-one/team-and-resources/users/index.mdx b/src/content/docs/cloudflare-one/team-and-resources/users/index.mdx
index 60f2b6ae2da1eb..24dff833bffd8f 100644
--- a/src/content/docs/cloudflare-one/team-and-resources/users/index.mdx
+++ b/src/content/docs/cloudflare-one/team-and-resources/users/index.mdx
@@ -2,7 +2,7 @@
pcx_content_type: navigation
title: Users
sidebar:
- order: 5
+ order: 3
---
import { DirectoryListing, Render } from "~/components";
diff --git a/src/content/docs/cloudflare-one/insights/risk-score.mdx b/src/content/docs/cloudflare-one/team-and-resources/users/risk-score.mdx
similarity index 99%
rename from src/content/docs/cloudflare-one/insights/risk-score.mdx
rename to src/content/docs/cloudflare-one/team-and-resources/users/risk-score.mdx
index d0647490d06528..861bf3ffc81f9d 100644
--- a/src/content/docs/cloudflare-one/insights/risk-score.mdx
+++ b/src/content/docs/cloudflare-one/team-and-resources/users/risk-score.mdx
@@ -2,7 +2,7 @@
pcx_content_type: concept
title: Risk score
sidebar:
- order: 4
+ order: 5
head:
- tag: title
content: User risk score
diff --git a/src/content/docs/cloudflare-one/team-and-resources/users/scim.mdx b/src/content/docs/cloudflare-one/team-and-resources/users/scim.mdx
index e114e068bb50f5..6f890049d39342 100644
--- a/src/content/docs/cloudflare-one/team-and-resources/users/scim.mdx
+++ b/src/content/docs/cloudflare-one/team-and-resources/users/scim.mdx
@@ -2,7 +2,7 @@
pcx_content_type: concept
title: SCIM provisioning
sidebar:
- order: 6
+ order: 3
---
diff --git a/src/content/docs/cloudflare-one/team-and-resources/users/seat-management.mdx b/src/content/docs/cloudflare-one/team-and-resources/users/seat-management.mdx
index b160143738640f..72a22f607349f6 100644
--- a/src/content/docs/cloudflare-one/team-and-resources/users/seat-management.mdx
+++ b/src/content/docs/cloudflare-one/team-and-resources/users/seat-management.mdx
@@ -2,7 +2,7 @@
pcx_content_type: how-to
title: Seat management
sidebar:
- order: 4
+ order: 2
---
Cloudflare One subscriptions consist of seats that active users in your account consume. Active users are added to Cloudflare One through any [authentication event](#authentication-events).
diff --git a/src/content/docs/cloudflare-one/insights/logs/users.mdx b/src/content/docs/cloudflare-one/team-and-resources/users/users.mdx
similarity index 99%
rename from src/content/docs/cloudflare-one/insights/logs/users.mdx
rename to src/content/docs/cloudflare-one/team-and-resources/users/users.mdx
index 924358982b41d7..246fa70e5b1577 100644
--- a/src/content/docs/cloudflare-one/insights/logs/users.mdx
+++ b/src/content/docs/cloudflare-one/team-and-resources/users/users.mdx
@@ -2,8 +2,7 @@
pcx_content_type: concept
title: User logs
sidebar:
- order: 1
-
+ order: 4
---
import { GlossaryTooltip } from "~/components"
diff --git a/src/content/docs/cloudflare-one/traffic-policies/identity-selectors.mdx b/src/content/docs/cloudflare-one/traffic-policies/identity-selectors.mdx
index 07dd94ec8f6079..2217860d3e43f3 100644
--- a/src/content/docs/cloudflare-one/traffic-policies/identity-selectors.mdx
+++ b/src/content/docs/cloudflare-one/traffic-policies/identity-selectors.mdx
@@ -20,7 +20,7 @@ Unless you use an [IdP that supports SCIM provisioning](#automatic-scim-idp-upda
- Log out from an Access-protected application and log back in.
- In their WARP client settings, select **Preferences** > **Account** > **Re-Authenticate Session**. This will open a browser window and prompt the user to log in.
-To view the identity that Gateway will use when evaluating policies, check the [user registry](/cloudflare-one/insights/logs/users/).
+To view the identity that Gateway will use when evaluating policies, check the [user registry](/cloudflare-one/team-and-resources/users/users/).
### Automatic SCIM IdP updates
diff --git a/src/content/docs/learning-paths/replace-vpn/build-policies/policy-design.mdx b/src/content/docs/learning-paths/replace-vpn/build-policies/policy-design.mdx
index d3bba38b6f6c06..b31392420353e4 100644
--- a/src/content/docs/learning-paths/replace-vpn/build-policies/policy-design.mdx
+++ b/src/content/docs/learning-paths/replace-vpn/build-policies/policy-design.mdx
@@ -33,7 +33,7 @@ Determine which identity provider you will use as the source of truth for user e
Ensure that the [identity provider is connected to Cloudflare](/learning-paths/replace-vpn/get-started/configure-idp/) and available to users in your [device enrollment permissions](/learning-paths/replace-vpn/configure-device-agent/device-enrollment-permissions/).
:::
-If you plan to grant access to services based on group membership, [view the user registry](/cloudflare-one/insights/logs/users/) and verify that the target users have that group value in their User Registry.
+If you plan to grant access to services based on group membership, [view the user registry](/cloudflare-one/team-and-resources/users/users/) and verify that the target users have that group value in their User Registry.
#### Device posture
diff --git a/src/content/docs/learning-paths/secure-internet-traffic/secure-saas-applications/configure-casb.mdx b/src/content/docs/learning-paths/secure-internet-traffic/secure-saas-applications/configure-casb.mdx
index ba6a47ca7c15ca..de5b95e52278dc 100644
--- a/src/content/docs/learning-paths/secure-internet-traffic/secure-saas-applications/configure-casb.mdx
+++ b/src/content/docs/learning-paths/secure-internet-traffic/secure-saas-applications/configure-casb.mdx
@@ -14,7 +14,7 @@ Only available on Enterprise plans.
-Cloudflare's API-implemented CASB addresses the final, common security concern for administrators of SaaS applications or security organizations: How can I get insights into the existing configurations of my SaaS tools and proactively address issues before there is an incident? CASB integrates with a number of leading SaaS applications and surfaces instant security insights related to misconfiguration and potential for data loss. CASB also powers [risk score heuristics](/cloudflare-one/insights/risk-score/) organized by severity.
+Cloudflare's API-implemented CASB addresses the final, common security concern for administrators of SaaS applications or security organizations: How can I get insights into the existing configurations of my SaaS tools and proactively address issues before there is an incident? CASB integrates with a number of leading SaaS applications and surfaces instant security insights related to misconfiguration and potential for data loss. CASB also powers [risk score heuristics](/cloudflare-one/team-and-resources/users/risk-score/) organized by severity.
For more information on Cloudflare CASB, including available SaaS integrations, refer to [Scan SaaS applications](/cloudflare-one/integrations/cloud-and-saas/).
diff --git a/src/content/docs/reference-architecture/design-guides/zero-trust-for-saas.mdx b/src/content/docs/reference-architecture/design-guides/zero-trust-for-saas.mdx
index f8a032fd226d04..83d1633f7e37ab 100644
--- a/src/content/docs/reference-architecture/design-guides/zero-trust-for-saas.mdx
+++ b/src/content/docs/reference-architecture/design-guides/zero-trust-for-saas.mdx
@@ -149,7 +149,7 @@ For more information about securing data in transit, refer to our [reference arc
Cloudflare's [Cloud Access Security Broker (CASB)](/cloudflare-one/integrations/cloud-and-saas/) integrates with [popular SaaS applications](/cloudflare-one/integrations/cloud-and-saas/) through APIs. Once integrated, Cloudflare continuously scans these applications for security risks. This enables IT teams to detect incidents of authorized users oversharing data, such as sharing a file publicly on the Internet. For Google Workspace, Microsoft 365, Box, and Dropbox, the API CASB can also utilize DLP profiles to detect the sharing of sensitive data. For more information about securing data at rest, refer to our [reference architecture center](/reference-architecture/diagrams/security/securing-data-at-rest/).
-In addition to the previous measures, IT teams should also consider introducing [User Entity and Behavior Analytics (UEBA)](https://www.cloudflare.com/en-gb/learning/security/what-is-ueba/) controls. Cloudflare can assign a [risk score](/cloudflare-one/insights/risk-score/) to users when detecting activities and behaviors that could introduce risks to the organization. These risk behaviors include scenarios where users trigger an unusually high number of DLP policy matches. By implementing these measures, organizations can significantly reduce the risk of data leaks from managed SaaS applications, even by authorized users.
+In addition to the previous measures, IT teams should also consider introducing [User Entity and Behavior Analytics (UEBA)](https://www.cloudflare.com/en-gb/learning/security/what-is-ueba/) controls. Cloudflare can assign a [risk score](/cloudflare-one/team-and-resources/users/risk-score/) to users when detecting activities and behaviors that could introduce risks to the organization. These risk behaviors include scenarios where users trigger an unusually high number of DLP policy matches. By implementing these measures, organizations can significantly reduce the risk of data leaks from managed SaaS applications, even by authorized users.
diff --git a/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx b/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx
index 3e24c61bff4404..fc2f6f938785d2 100644
--- a/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx
+++ b/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx
@@ -17,7 +17,7 @@ import { Markdown } from "~/components"
* **Enable user deprovisioning**: [Revoke a user's active session](/cloudflare-one/access-controls/access-settings/session-management/#per-user) when they are removed from the SCIM application in {props.idp}. This will invalidate all active Access sessions and prompt for reauthentication for any [WARP session policies](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-sessions/).
* **Remove user seat on deprovision**: [Remove a user's seat](/cloudflare-one/team-and-resources/users/seat-management/) from your Cloudflare One account when they are removed from the SCIM application in {props.idp}.
* **SCIM identity update behavior**: Choose what happens in Cloudflare One when the user's identity updates in {props.idp}.
- - _Automatic identity updates_: Automatically update the [User Registry identity](/cloudflare-one/insights/logs/users/) when {props.idp} sends an updated identity or group membership through SCIM. This identity is used for Gateway policies and WARP [device profiles](/cloudflare-one/team-and-resources/devices/warp/configure-warp/device-profiles/); Access will read the user's updated identity when they reauthenticate.
+ - _Automatic identity updates_: Automatically update the [User Registry identity](/cloudflare-one/team-and-resources/users/users/) when {props.idp} sends an updated identity or group membership through SCIM. This identity is used for Gateway policies and WARP [device profiles](/cloudflare-one/team-and-resources/devices/warp/configure-warp/device-profiles/); Access will read the user's updated identity when they reauthenticate.
- _Group membership change reauthentication_: [Revoke a user's active session](/cloudflare-one/access-controls/access-settings/session-management/#per-user) when their group membership changes in {props.idp}. This will invalidate all active Access sessions and prompt for reauthentication for any [WARP session policies](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-sessions/). Access will read the user's updated group membership when they reauthenticate.
- _No action_: Update the user's identity the next time they reauthenticate to Access or WARP.
diff --git a/src/content/partials/cloudflare-one/tunnel/troubleshoot-private-networks.mdx b/src/content/partials/cloudflare-one/tunnel/troubleshoot-private-networks.mdx
index 0ed7f41fa8a3a7..06ad27694e22a6 100644
--- a/src/content/partials/cloudflare-one/tunnel/troubleshoot-private-networks.mdx
+++ b/src/content/partials/cloudflare-one/tunnel/troubleshoot-private-networks.mdx
@@ -58,7 +58,7 @@ Determine whether the user is matching any policy, or if they are matching a pol
2. Go to **Traffic policies** > **Firewall policies** and compare the [order of enforcement](/cloudflare-one/traffic-policies/order-of-enforcement/) of the matched policy versus the expected policy.
3. Compare the Gateway log values with the expected policy criteria.
- - If the mismatched value is related to identity, [check the user registry](/cloudflare-one/insights/logs/users/) and verify the values that are passed to Gateway from your IdP. Cloudflare updates the registry when the user enrolls in the WARP client. If the user's identity is outdated, ask the user to re-authenticate WARP (**Preferences** > **Account** > **Re-Authenticate Session**).
+ - If the mismatched value is related to identity, [check the user registry](/cloudflare-one/team-and-resources/users/users/) and verify the values that are passed to Gateway from your IdP. Cloudflare updates the registry when the user enrolls in the WARP client. If the user's identity is outdated, ask the user to re-authenticate WARP (**Preferences** > **Account** > **Re-Authenticate Session**).
- If the mismatched value is related to device posture, [view posture check results](/cloudflare-one/reusable-components/posture-checks/#2-verify-device-posture-checks) for the user's device. Verify that the device passes the posture checks configured in the policy.