Saviynt Forums

CSR · ‎12/27/2023

Hi Team,

We have a requirement like below,

If we have an enterprise role with a combination of entitlements where one of the entitlement is for the GitHub application. If the requester has a GitHub Account that is disabled, How can we block a request for an enterprise role?

sudeshjaiswal · ‎12/27/2023

Hello @CSR,

You can achieve it Via Workflow by checking the status of the account using the below statement in if-else block , Language should be groovy.
(com.saviynt.ecm.identitywarehouse.domain.Users.executeQuery("select u.id from Users u,User_accounts ua, Accounts a where u.id=ua.userkey AND ua.accountkey = a.accountkey AND a.endpointkey = <endpointkey> AND a.status in ('Manually Provisioned','Active','1') AND u.id='${requestedby.id}'").size()!=0)

In this way you can reject the request.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

rushikeshvartak · ‎12/27/2023

how you will find endpoint key ? enterprise role can contains multiple endpoints entitlement

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

rushikeshvartak · ‎01/10/2024

Above query will not work as all tables are not exposed.

As discussed with @prasannta , This will needs to be idea ticket

https://ideas.saviynt.com/ideas/EIC-I-5406

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Saviynt Forums

Blocking Enterprise role request