
Entitlement Map

Community_User
Saviynt Employee
Originally posted on May 4 2020 at 16:36 UTC

Within a defined endpoint I will have 3 entitlement types.


Dataset

User Type

User Abilities.


When a user requests access, they pick one of the datasets which would then limit the User Type. Once they select the User Type that would show a filtered set of User Abilities.


From what little is available, it looks like the Entitlement Map is the way to go. So how does one actually set that up?


I tried going with Child Entitlements, but that did not present the filtering that I would need.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Originally posted on May 6 2020 at 07:32 UTC

Looks like you need to build a dynamic access request form for your endpoint. To my understanding, endpoint dynamic attributes are the way to filter what you see in the request form. For example, if you have a "User Type" drop-down list as a dynamic attribute, then you can filter entitlement types based on that selection.


Hope this helps in your case.


Community_User
Saviynt Employee
Originally posted on May 6 2020 at 21:06 UTC

Sounds promising, do you have documentation on how to set them up?


Community_User
Saviynt Employee
Originally posted on May 7 2020 at 04:34 UTC

Dynamic Attributes

Check this page for how to add dynamic attributes to endpoints: https://saviynt.freshdesk.com/support/solutions/articles/43000431576-viewing-or-updating-endpoints


You need to add, e.g., a "Dataset" attribute with type "Single Select from SQL Query" and then in "Values" the SQL spell that pulls values from the DB, e.g. from the entitlement_values table.


And you need to set "What action to perform when parent attribute changes?" to "Refresh" to refresh entitlement lists.


Entitlement Type

And then check the entitlement type details "Config For Requestable Entitlement In ARS" documentation on: https://saviynt.freshdesk.com/support/solutions/articles/43000556317-viewing-or-updating-endpoints.


Here you specify conditional logic for selecting which entitlements to show. For example, if you have the parent Dataset value in each User Type entitlement's customproperty1, then for the "User Type" entitlement type you could set the Config For Requestable Entitlement In ARS as "length('${Dataset}')=0 or ev.customproperty1='${Dataset}'", where ${Dataset} refers to the dynamic attribute named "Dataset".


To further play with advanced ARS stuff, I recommend taking L200 training. For example, this topic is covered in that training.

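An added illustration (not part of the thread and not Saviynt's own code) of how the condition quoted in the reply above narrows the User Type list, run against a constructed table in SQLite. The table columns, sample rows and the helper names `build_db` and `requestable_user_types` are assumptions, and the dynamic attribute is bound as a query parameter here rather than substituted into the SQL text.

```python
import sqlite3

# Constructed sample data: each "User Type" entitlement carries its parent
# Dataset in customproperty1, as the reply describes. The schema is assumed.
ROWS = [
    ("Analyst", "User Type", "Finance"),
    ("Approver", "User Type", "Finance"),
    ("Clinician", "User Type", "Patients"),
    ("Auditor", "User Type", "Patients"),
]

# The condition from the post, with ${Dataset} replaced by a bound parameter
# (:dataset) instead of text substitution.
CONDITION = "length(:dataset)=0 or ev.customproperty1=:dataset"


def build_db():
    """Create an in-memory table holding the constructed entitlements."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE entitlement_values ("
        "entitlement_value TEXT, entitlement_type TEXT, customproperty1 TEXT)"
    )
    db.executemany("INSERT INTO entitlement_values VALUES (?, ?, ?)", ROWS)
    return db


def requestable_user_types(db, dataset):
    """Return the User Type entitlements a requester would see for `dataset`."""
    sql = (
        "SELECT ev.entitlement_value FROM entitlement_values ev "
        "WHERE ev.entitlement_type = 'User Type' AND (" + CONDITION + ") "
        "ORDER BY ev.entitlement_value"
    )
    # None (nothing selected yet) is treated as the empty string.
    return [row[0] for row in db.execute(sql, {"dataset": dataset or ""})]


if __name__ == "__main__":
    db = build_db()
    for choice in ("", "Finance", "Patients", "Unknown"):
        print(repr(choice), "->", requestable_user_types(db, choice))
```

With no Dataset selected the first branch of the condition is true and every User Type is listed; once a Dataset is chosen, only the rows whose customproperty1 matches remain.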

Community_User
Saviynt Employee
Originally posted on May 11 2020 at 08:52 UTC

Hi John,


To filter a set of User Abilities, you can use the Entitlement Map feature available in the Entitlements. For more information, see the Other Entitlement Details section in https://saviynt.freshdesk.com/support/solutions/articles/43000527104-viewing-or-updating-entitlement....


To set the hierarchy for this mapping, refer to Entitlement Type in https://saviynt.freshdesk.com/support/solutions/articles/43000431576-viewing-or-updating-endpoints.


