Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Is it possible to let Saviynt Birthright role to trigger Access Request thru API

Go to solution
lihjong
New Contributor
New Contributor

‎03/14/2024 08:05 AM

Hi,

Currently in our user onboarding process, user’s manager will need to open access request after Saviynt create a new user account. There is an issue user may not have enough access in the day 1 If user’s manger delay or forget to open that access request.

I am trying to close that gap and hope Saviynt can automatically open access request after create a new account.

Do you think is it possible thru API call?

Thanks

Mark

 

0 Kudos
7 REPLIES 7

Go to solution
PremMahadikar
All-Star
All-Star

‎03/14/2024 02:11 PM

Hi @lihjong ,

Yes, this is possible.

Follow the below steps:

1. Create a Technical rule where necessary conditions match from the user details to trigger this rule with configured actions (below in screenshot has both role and entitlement in action) Make sure you check box the 'Birthright' and 'Dectective'

PremMahadikar_3-1710449528799.png

2. Create job trigger which will trigger this technical rule and choose to schedule never to run by giving cron expression 0 0 22 1 1 ? 2099

PremMahadikar_5-1710449726993.png

3. Setup an API call to trigger this job {{URL}}/{{path}}/runJobTrigger 

{
    "jobgroup": "Utility",
    "triggername":"<Job trigger name>",
    "jobname": "DETECTIVEPROVISIONINGRULESJOB"
}

Once you trigger this API, this should run the technical rule and assign birthright access to the user.

 

If this answers your question, please consider selecting Accept As Solution and hit Kudos

Best,
Prem Mahadikar

Go to solution
lihjong
New Contributor
New Contributor
In response to PremMahadikar

‎03/14/2024 02:28 PM

Prem,

Thanks your detail information. I will try it.

Thanks your help again.

Mark

0 Kudos

Go to solution
lihjong
New Contributor
New Contributor
In response to lihjong

‎03/15/2024 07:47 AM

Prem,

I discussed your solution with my Saviynt engineer and he said "this is a solution to trigger the BR rule via the Saviynt API. not the other way around".  I think we want BR rule can call Access Request API so Saviynt can automatically generate a request ticket and then that ticket still can follow workflow process so additional approver can still approve that ticket before Saviynt add user into AD group.

Do you think is it possible?

Thanks

Mark

0 Kudos

Go to solution
PremMahadikar
All-Star
All-Star

‎03/15/2024 10:44 AM

@lihjong ,

BR rule calling access request API, this is not possible in Saviynt.

 

Best,
Prem Mahadikar
0 Kudos

Go to solution
lihjong
New Contributor
New Contributor
In response to PremMahadikar

‎03/15/2024 11:33 AM

ok Thanks.. so there is no way to resolve my issue?

Mark

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to lihjong

‎03/15/2024 11:59 AM

use custom jar


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
lihjong
New Contributor
New Contributor
In response to rushikeshvartak

‎03/15/2024 01:25 PM

Prem's solution not work. Still want to see if there is other solution,

Thanks

Mark

0 Kudos
Copyright © 2024 Khoros, LLC