Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Forum Posts

Change password is not working for Zscaler

Hi,We have created a lambda function for changing the password for Zscaler accounts. We tested it successfully using postman. However, when we try to use it within the change password JSON configuration, when we try to enable PAM for credential metho...

N598231 by New Contributor II
  • 267 Views
  • 7 replies
  • 0 kudos

Need to test the Break glass process for CPAM

We wanted to test the Break glass process for CPAM, we have few queries. Please help to clarify:1. Under what situation Break glass instance is required. Is it when primary vault is not reachable? or Saviynt UI is down?2.If Saviynt UI is down how end...

Diwakar by Regular Contributor
  • 174 Views
  • 4 replies
  • 0 kudos

PAM logs for Saviynt SIEM integration

We have followed this below document to integrate the Saviynt to Sentinel to fetch all audit logs for Saviynt however analytics query mentioned the document is not fetching the PAM related audit data.Saviynt SIEM Integration (saviyntcloud.com)Can you...

Diwakar by Regular Contributor
  • 520 Views
  • 6 replies
  • 0 kudos

Thycotic Vault - BYOV

Customer requirement - Has already thycotic secret server implemented.Now customer has procured license for Saviynt CPAM. Now customer wants to go with BYOV concept and use the Thycotic secret server that was implemented earlier. Do Saviynt has this ...

Connection failure for AD_PAM

Hi Team,   We are trying to setup PAM for active directory in our instance. I have used ADPAM template for it and we have SSL certificate and Credential vault but for some reason we are unable to set up the connection.  I have attached the logs for t...

Mortal by Regular Contributor
  • 321 Views
  • 2 replies
  • 0 kudos

CyberArk Integration

I understand there is an CyberArk SCIM connector that I can use it for the integration.  If I need to use CyberArk vault as an existing vault, do I still need to have the SCIM server?

ricky by New Contributor
  • 573 Views
  • 3 replies
  • 0 kudos

Logic for writing condition in JSON

Hi,I am writing the logic in createaccountJSON, getting the below error. Could someone suggest me the right logic."erp-compcode": "${ if (user.customproperty20=='TVN' || user.customproperty20=='Workday') {user.customproperty14 anyof ['249', '898', '8...

Ravi by New Contributor
  • 432 Views
  • 4 replies
  • 0 kudos

Export Sav Role and endpoint url

Solved: Need feature access export for listed SAV Roles - Saviynt Forums - 45352above document shows how to export sav role and the feature_list/webservice_list names, but not urlhow to get the url for the feature_list/webservice_list for a sav role?...

zzz1qaz by New Contributor
  • 215 Views
  • 2 replies
  • 0 kudos

How to Disable the session recording?

We have use case where we have to disable session recording for particular AWS endpoints and couldn't find any docs related to this, can anyone help us on how to disable the session recording?

RMJ by New Contributor III
  • 1718 Views
  • 8 replies
  • 0 kudos

Resolved! Task not created for emergency Role request

Hi Team,I have raised request for Emergency Role but after approving from pending request, it is showing as completed but task is not getting created for that request.Kindly let us know if any config changes need to be done. Thanks.Randhir Kumar.

Resolved! Password Expired

Dear TeamThis is in context to the password expired action under the analytics. As per the document, the password expired picks the user's password. However, we have a requirement wherein we need the account's password to be picked and mark it as exp...

PAM For Azure AD

Hey Guys,I want to enable PAM for Azure AD, and I am not getting its Documentation.can you guys please help me to enable PAM for Azure AD.

Smiling by Regular Contributor
  • 346 Views
  • 1 replies
  • 0 kudos

AzureAD connector Secret ID rotation

Hi folks,We have configured the ootb Azure AD connector with client ID and secret ID. This secret ID, which is used in both the Azure AD connector and the Azure AD REST connector, expires every 6 months in our Azure environment.We'd like to inquire i...

Allowed action not getting triggered in Analytics.

I have created a analytics (using SQL query) with deafault action as "deprovision access". when i am doing the dry run its correctly giving us the count. But when we run the analytics its not giving us the result. and its also not creating the De pro...

Rajatlm10 by New Contributor III
  • 428 Views
  • 1 replies
  • 0 kudos

JIT in linux not working

Hi all,I attempt to connect to a Linux server via JIT. Upon approval, my task is stuck at pending.I went in to check the logs. However, it seem that the previous UnixDeprovisioningService is not doing its job after JIT session ended. This result in t...

lonetlove by New Contributor
  • 958 Views
  • 4 replies
  • 0 kudos

ARS approval with MFA (sms /email)

Hi ,Would like to explore the possibility of having additional control on Access request workflow in Saviynt. All ARS approval/rejection are done in Saviynt, we have some critical application access approval which we want to prevent from being approv...

pmarvig by New Contributor
  • 785 Views
  • 4 replies
  • 0 kudos

configuring pam for connector type db

Hi,Currently working on Db connector. In db endpoint, I'm unable to see Pam attributes so how I can enable pam request for db application.Need help with pam config for DB connector type.Thanks 

Mortal by Regular Contributor
  • 693 Views
  • 3 replies
  • 0 kudos

CPAM Request Privilege Access

Hello,In Privilege Access Management request screen, the user post selecting ID can select request time frame, the time frame starts from current timestamp to future default time that is configured. Is it possible to default time frame to start from ...

setting up Hashicorp vault

Hi, I am integrating CPAM to saviynt in this I am going through the documentation of CPAM integration in saviynt. So, in connection we have to put url,tokens etc. of HashiCorp . So, the question is how can we set up Hashicorp vault and get the tokens...

CPAM API 403 error

Hi,We are trying to use CPAM v6 API to terminate a Privileged user session.But the API Call is giving us 403 error. We have assigned all the API access that exists in saviynt 23.7 version to the API user SAV role. We are using "{url}/ECM/api/login" t...

Credentialless PAM for REST and SOAP Connector

Hello, I underwent CPAM L100 and documentation of Saviynt but do not understand how to setup Credentialless PAM for REST based connector. The documentation talks about OOTB apps of Saviynt only.Can anyone help me\? Also the REST system we want to con...

Privileged Session Recording

Hello,We are on 23.7 version and have configured an app for Credentialless PAM, the CPAM module says session recording will be available. I am unable to figure out how we can view past session recording? Can anyone help, not able to find in documenta...

Resolved! Binding Variable for Privileged access request

Hello,We are configuring email template for Privilege Access Request. I want to display the requested time duration in email template body. I have found the below binding variable but not able to print the requested time in Approval Assignee and Task...