Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/24/2024 04:51 AM
Hi,
We have a requirement for SOD for a suite of applications that are using a whitelist of allowed combinations of entitlements.
Based on the value of a custom attribute in the entitlement, the whitelist is checked and validates the allowed combination. We need to perform and validate this at the access request stage.
We're trying to mimic a similar approach with SOD functiontality available in Saviynt. We noticed that SOD functions operates at the entitlement level, but it seems that only using the "entitlement value".
For example, this is a partial whitelist, allowing entitlements with value "Affirmer" to only be able to combined with entitlements with value "FO", "other", etc. Any other combination not present in this table in not allowed.
Affirmer | Business Treasurer |
Affirmer | FO |
Affirmer | ICFLead |
Affirmer | Other |
Affirmer | ReadOnly |
Affirmer | Requester |
We are saving these values in "customattribute21" in each entitlement.
Is there a supported approach to mimic this SOD approach with Saviynt?
Thanks