04/21/2023 02:13 AM
Hi,
we are planning a big change of our Saviynt Production environment. During this time, Saviynt should be accessible only for users, who have role_admin sav role assigned. All end users should not be able to login. We have SSO enabled in the system so how can we prevent users from entering it. Additionally- is there any possibility to put some banner that would inform users about this upcoming change?
04/23/2023 11:25 PM - edited 04/23/2023 11:28 PM
Hello @Dorota_P,
To restrict access to Saviynt during the production environment change, you can remove the SAV ROLE from all users except those who need access. Alternatively, if the user base is large, you can disable SSO and enable local authentication for those users with the SAV ROLE_ADMIN using the below query in a custom query job:
update users set passwordexpired=0,localauthenabled=1 where username='123456'
This will allow users with the SAV ROLE_ADMIN to log in using local authentication.
Yes, Banner Can be updated by opening an FD ticket to Saviynt Cloud Ops Team.