Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

How to make few SAV Roles non requestable

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on April 15 2020 at 03:48 UTC

Hi Experts,


I have SAV Roles created in our environment, i have 2 questions on these.


1. When ROLE_UIADMIN is created, the accesses related to it are not automatically assigned to SAV Role(Freshdesk Post says "Once the role is created , accesses related to it should automatically added"). I am checking under the Access tab of SAV Role but dont see any access there.


2. Need to make few SAV roles non-requestable through ARS(like ROLE_ENDUSER should not be requestable)


Please let me know if anyone has answer for these questions.


Thanks,

Naveen

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
2 REPLIES 2

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on April 15 2020 at 03:54 UTC

For the first question i got the answer, the accesses are not shown under access tab of SAV Role, however the accesses are granted internally.(Verified it)


Need solution for the second question

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on April 15 2020 at 07:25 UTC

You can put a filter for the roles you want to make non -requestable.


Endpoints--> SaviyntDB endpoint ( or whatever name you have configured) --> Entitlement type --> find SAVRole and click on the small icon you see

Search for Config for Requestable Entitlement in ARS

Put in the condition like ev.entitlement_value not like '%ADMIN%'.


NOTE : here ev. is the default that you should use.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.