Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
No ratings
Saviynt Employee
Saviynt Employee

Use Case

By default, a User Manager campaign will allow the manager to review accounts and accesses that are granted to the user through Request Access and also assigned to them through Birthright Rules.

In case you have a requirement to allow manager to certify access and accounts granted only through Request Access then the following solution needs to implemented.


Applicable Version(s)

All Applicable versions


  1. Navigate to Certification > Click On Create Campaign > Select Campaign type as 'User Manager'> Scroll down to Advance Campaign Configuration > In Account Entitlements Query enter the below query
  2. Add the following case sensitive query:

Query - ae1.assignedFromRule is null

Note: The format is camel-case and needs to be entered in the exact format as above.

Reference Document for User Manager Campaign -

Regular Contributor II
Regular Contributor II

@DaanishJawed : If the Entitlement was assigned via a Role and the Role was assigned through a birthright rule, can we still use the Query - ae1.assignedFromRule is null to identify/exclude birthright access from certification? 

Regular Contributor II
Regular Contributor II

@shibinvpkvr Tested it and it works als in this case.

What it doesn't do is excluding the Enterprise Role itself from certification, if it was assigned via birthrights.

Version history
Last update:
‎03/22/2023 07:04 AM
Updated by: