Saviynt Forums

Community_User · ‎04/12/2022

Originally posted on January 22 2020 at 18:41 UTC

Here is the scenario:

I have a user customproperty = Restricted to identify users that have restrictions in terms of accessing certain entitlements.

I can set those restricted entitlements using a custom property as well.

I want to restrict the restricted users from being able to request those restricted entitlements that they should not have access to.

How can I accomplish that?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on February 4 2020 at 06:31 UTC

Config for Requestable Entitlement in ARS - If blank shows all the entitlements. If query is added, it filters out requestable entitlements only for what the query is mentioning.

ev.status=1 and ev.customproperty1 = '${Writeaccess}'

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on April 8 2020 at 19:32 UTC

Hi Vijay,

I am also trying to do something similar. I want to restrict entitlements shown at run time by using user attributes. For example, consider there are 6 entitlements. For users with department = 'xyz' I only want to show 3 entitlements in the ARS request form and so on.

What capabilities are available in the 'Config for Requestable Entitlement in ARS' field to that respect? Are user attributes exposed? Or is it only the entitlement_values table?

Thanks,

Suparna

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on February 16 2021 at 10:30 UTC

Hi,

We are trying to filter out the entitlement based on the user attribute but not able to get the "requestee" object.

we are using following query

ev.customproperty31 in (select country from Users where userkey in (${requestee}))

Thanks

Ritu

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on March 8 2021 at 07:22 UTC

Hi Saviynt,

we also have same requirment in one of our client in saviynt 5.5 sp3, can u reply to ritu rajan post..

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on March 8 2021 at 08:11 UTC

Hi Musthak,

We have open the ticket on fresh desk and the representative update me.

The requestor and requestee objects are supported from SSM 5.5 SP4 onwards. The information on the same is added in the below link.

For more information, see https://saviynt.freshdesk.com/support/solutions/articles/43000431385-creating-an-entitlement-type.

there is no alternative that can be used in 5.5SP3.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Saviynt Forums

Need to restrict entitlements at request time based on user attributes