Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/12/2022 01:08 PM
Hello,
I want to restrict entitlements based on their owners in the request form. Let's say, if I am the owner of entitlement ABC, and I login to Saviynt, clicks Request Access for Others. On the request form, I should see only ABC entitlement in the form.
Is there a way possible to do this? Please let me know.
Regards,
Yashpal
Solved! Go to Solution.
04/12/2022 02:27 PM
There is a filter on each entitlement type - "Config for Available Entitlement in Service Account" through which you can control the list of entitlements that you see while requesting. You can make use of that.
Regards,
Aditya
04/12/2022 02:27 PM
Hi,
I am also struggling with displaying entitlements based on user attributes say City or Country. Query in 'Config for Requestable Entitlement in ARS' gives below validation message
Dynamic Attribute: requestee used in query does not exist in Endpoint for query ‘ev.customproperty1 in (select city from Users where userkey in (${requestor}))' as suggested in freshdesk. It works for dynamic attributes only but do not filter based on the user attributes as mentioned above. The version I am using is 5.5SP3.
Config For Requestable Entitlement In ARS | Specify the query based on the logged-in user or the user(s) for which request is being placed respectively to limit the display of the entitlements in Available Entitlements. You can use the ‘requestor’ and ‘requestee’ objects in the query to filter the entitlements to be displayed in the Available Entitlements. · Add the below query to display the entitlement in the request form, when the value specified in customproperty1 is selected from dynamicAttribute1. ev.customproperty1='$(<dynamicAttribute1>)' · Filter entitlements based on the user(s) for whom the request is being placed. ev.customproperty1 in (select city from Users where userkey in (${requestee})) · Filter entitlements based on the requestor. ev.customproperty1 in (select city from Users where userkey in (${requestor})) Note In the above syntax, the variables and table names used are case-sensitive. |