No ratings
Saviynt Employee
Saviynt Employee

Use Case

User is requesting for entitlements and valid SOD violations are not flagging in the request page.



  • Preventative SOD should be enabled
  • SOD Admin should have access to the global configuration to make config changes
  • SOD simulation should be used to verify if the user is flagged with the SOD or not.


Applicable Version(s)

SP 3.x and all EIC versions



If the user is flagging SOD in the simulation, it is a valid SOD.


Scenario 1:

The following configs need to be enabled:

  1. Endpoint should be added to the list of SOD endpoints in Admin > Global Configurations > Request > Settings New Experience > Endpoints to Evaluate SOD (if the list is blank, SOD is evaluated for all endpoints by default)
  2. Navigate to SAV Role > Enable Show SOD in Request
  3. Navigate to Admin > Global Configurations > SOD > Show SOD in Request
    This config is used to show ALL existing SOD the user has irrespective of the account/endpoint/ruleset.
    When the config is turned off, the existing SOD does not show up in the request 


Scenario 2:

If the user has multiple accounts in the endpoint, the admin can check if there is an existing SOD violation in the workbench. When the risk is already flagged as a violation for the user and one of the accounts, the same risk will not be shown in the ARS while same entitlements are being requested for the user's second account. However if the same risk is being flagged for different entitlements, it should show up in the ARS Request.

Version history
Last update:
‎04/05/2023 01:30 PM
Updated by: