Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/12/2022 01:20 PM
When running a user manager certification, on the access review section (Step 2) there is a column labeled granted through that can be used to explain how the user received the entitlement. This is pulled from the arstasks table - source type column.
Access added through analytics and provisioning rules are a big part of the automation in our environment and do not need to be attested to in this type of campaign. How can we exclude these from being visible to certifiers in a campaign?
Thanks,
Chris
Solved! Go to Solution.
04/12/2022 03:04 PM
Hello Chris,
When the access is provisioned in Saviynt, the account to entitlement mapping sits in the account_entitlements1 table.
If the assignment has happened via Rule or Role, then the column ASSIGNEDFROMROLES and ASSIGNEDFROMRULE in account_entitlements1 table is populated against the entry (accountkey-entitlement_valuekey mapping).
While configuring the campaign, you could make use of "Account Entitlements1 Query" under "Advanced Campaign Configuration" and add a query to include/exclude entitlements with the data or lack of it in the aforementioned columns.
However, when access is assigned from an Analytics, I'm not sure if anything is updated on the account_entitlements1 table that can be utilized.
Regards,
Avinash Chhetri