Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/12/2022 01:13 PM
Hi,
We have a requirement where we want to show the remove account option for endpoint only to Admin user and not to end user. End user will see only Add and modify account option. In Endpoint we have the option to Disable Remove account but it will disable that operation for all users.
How we can show/hide the remove account conditionally in ARS page.
Regards,
Anjali
Solved! Go to Solution.
04/12/2022 02:35 PM
Hello,
This is currently not possible. We'll add it to our product backlog. Are you also looking at this for specific accounts or endpoints or removing it from all accounts for an end user? Another question would be, is it specific to request for others or when you request for yourself?
Regards,
Aditya
04/12/2022 02:35 PM
We want this on specific application basis and for End users. It's for others as well for self.
04/12/2022 02:35 PM
Is this completed and part of Saviynt now? We need this for our customer.
04/12/2022 02:35 PM
A workaround would be to reject the request for end users in the Approval Workflow.
Meaning end users can still perform the action but no action would be taken in the target system.
To implement this, you can add a If/Else condition block, that targets the SAV Roles of the requestor.
requestedby.authorities.collect { it.authority }.contains("ROLE_ENDUSER")
You can combine this with checking if the request is a REMOVE ACCOUNT operation :
DELETE_ACC_REQUESTS_COUNT = 1 in the Request Access Map as sample below :
[NEW_ACC_REQUESTS_COUNT:0, ADD_ACCESS_REQUESTS_COUNT:0, REMOVE_ACCESS_REQUESTS_COUNT:0, MODIFY_ACC_REQUESTS_COUNT:0, DELETE_ACC_REQUESTS_COUNT:1]
Above sample checks if the requestor has the ROLE_ENDUSER in his SAV Roles.
You can adjust this to your requirements and then link it to a "Reject Access".
Finally, you can let the end users know that they should not use this feature and that no action will be performed if such attempt happens.
Hope this helps you achieve your requirements !
Regards.