and more in a single search tool across platforms. Read the announcement here. |
on 03/22/2023 07:04 AM
By default, a User Manager campaign will allow the manager to review accounts and accesses that are granted to the user through Request Access and also assigned to them through Birthright Rules.
In case you have a requirement to allow manager to certify access and accounts granted only through Request Access then the following solution needs to implemented.
Query - ae1.assignedFromRule is null
Note: The format is camel-case and needs to be entered in the exact format as above.
@DaanishJawed : If the Entitlement was assigned via a Role and the Role was assigned through a birthright rule, can we still use the Query - ae1.assignedFromRule is null to identify/exclude birthright access from certification?
@shibinvpkvr Tested it and it works als in this case.
What it doesn't do is excluding the Enterprise Role itself from certification, if it was assigned via birthrights.