Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Advanced Configs for "Whom To Request"

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on May 6 2020 at 07:20 UTC

What dynamic variables are available for Advanced Configs for "Whom To Request" settings for SAV Roles? I tried simple ones like ${user?.id} that work for "For whom can the user setup delegate" settings, but it ended up errors like "No such property: user for class: SimpleTemplateScript3742".


I have a use case to allow delegated user requesting access to users that work for a parent user of the delegation (i.e. manager). So I would like to search for users working for a manager that currently logged in user is delegating for. So something like "select createuser from delegates where delegateuserkey = ${user?.id}".



This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
2 REPLIES 2

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on May 10 2020 at 05:19 UTC

Hello Juha,


Delegate user does not need any advanced filter in his savrole to view parent user's view in Request Access screens.

When delegate user logins, delegate use will be able to see users according to "Whom to Request" set in in his/her savrole + users who the parent user can see in Request Access screens

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on May 11 2020 at 09:08 UTC

Hi Juha,


The following variables for users support the advance query of "Whom to Request".

$(users.departmentname)
$(users.username)
$(users.firstname)
$(users.preferedFirstName)
$(users.lastname)
$(users.middlename)
$(users.street)
$(users.city)
$(users.statuskey)
$(users.startdate)
$(users.enddate)
$(users.manager)
$(users.location)
$(users.jobCode)
$(users.employeeType)
$(users.systemUserName)
$(users.departmentNumber)
$(users.title)
$(users.state)
$(users.companyname)
$(users.costcenter)
$(users.departmentname)
$(users.employeeclass)
$(users.entity)
$(users.jobcodedesc)
$(users.locationdesc)
$(users.locationnumber)
$(users.orgunitid)
$(users.region)
$(users.regioncode)
$(users.owner)
$(users.employeeid)
$(users.createdBy)${users.id}
This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.