Saviynt Forums

SudheerKaneti · ‎07/02/2024

Hi All,

We have integrated SAP application into Saviynt.

Our client requirement is to select SAP roles based on the selection of tcode in the ARS form in Saviynt.

We have reconciled SAP roles and tcodes data into Saviynt. The relation between SAP role and tcode is parent and child entitlement association.

Here the SAP role is parent entitlement and tcode is child entitlement.

Each SAP role constitutes of 10 to 100's of tcodes present in it (So we cannot put in any customproperty field and create a dynamic attribute for ARS) and tcodes has several SAP roles as parent entitlements.

Look below table for better understanding.

PARENT	CHILD1	CHILD2	CHILD3.
SAP1	TCODE1	TCODE2	TCODE3
SAP2	TCODE2	TCODE3	TCODE4

So, if a user selects TCODE 2 (We configure it as a dynamic attribute), the form should display SAP1 and SAP 2. The user can select only SAP 1 and should submit the request and SAP 1 will get provisioned.

There are currently 150K tcodes present in the system and we cannot display in ARS form since it will take so much time to load.

May anyone please help how can we design the form.

Let me know if any questions in the requirement.

Thank you,

Sudheer Kaneti.

rushikeshvartak · ‎07/02/2024

Use entitlement map concept

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

SudheerKaneti · ‎07/03/2024

Hi Rusikesh,

Thank you for your reply,

Entitlement map is the ideal solution but there are 150k number of tcodes. It is very difficult to add entitlement map of each and every tcode present in the system manually.

Since tcodes are child entitlement to SAP roles, is there any other way to automatically update entitlement map of tcodes with SAP roles automatically through the same connector or using SAV4SAV?

Please let us know.

Thank you,

Sudheer Kaneti.

rushikeshvartak · ‎07/03/2024

You can create analytics report and use sav4sav to update or use postman runner to upload entitlement map

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

SudheerKaneti · ‎07/05/2024

Hi Rushikesh,

May you please provide any sample SAV4SAV json for entitlement map.

Thank you,

Sudheer Kaneti.

rushikeshvartak · ‎07/05/2024

Refer sample json

https://forums.saviynt.com/t5/identity-governance/updateuserjson-rest-update-user-attributes-based-o...

you need to use in account import json

call 1 runtime report call
call 2 update entitlement call

Refer Saviynt API Documentation https://docs.saviyntcloud.com/bundle/API-Reference-Guide/page/Content/API-References.htm

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

SudheerKaneti · ‎07/12/2024

Hi Rushikesh,

Thank you for the help.

Just want to verify , does sav4sav supports only runtime reports calls and not static report calls ? (like with the api fetchControlDetailsES).

Thank you,

Sudheer Kaneti

rushikeshvartak · ‎07/12/2024

You can make static report call.
Benefits is in runtime report you dont need to call another api to retrieve records
if you use static report then call 1 - Run report call 2 - fetch records

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Saviynt Forums

Selection of SAP roles based on Tcode in ARS