and more in a single search tool across platforms. Read the announcement here. |
04/12/2022 01:16 PM
Navigation: Admin > Global Configuration > Role Request -> Request Roles Query
Article Reference: https://saviynt.freshdesk.com/support/solutions/articles/43000553876-roles-request-configuration
As the number of enterprise roles in the system increases, it will be difficult for the users to choose from the list & hence we would want to limit the users to see certain enterprise roles only based on the requestee's user attributes.
For example, let's say roles table customproperty1=Marketing and users table customproperty5=Marketing. When the user with customproperty5=Marketing requests for enterprise role, we would like the user to see only the roles which has customproperty1=Marketing.
Any assistance here is much appreciated.
Solved! Go to Solution.
04/12/2022 02:50 PM
Hi Sivagami,
I hope below query example will help you :
and rl.customproperty1 in (select users.customproperty5 from Users users where users.id={currentUser})
This will typically match the requested user's customproperty5 with the role's customproperty1. This way you can even extend your example to any value that is stored in your roles' customproperty1 that would match with user's cp5.
Regards,
Adrien.
04/12/2022 02:50 PM
Thanks Adrien! Looks good!
04/12/2022 02:50 PM
Hi Team,
If the Enterprise role is tagged to an endpoint and when the user is making request for that endpoint, how can we configure request role query so, that SSM would display only the roles satisfying above criteria.
Typical use case is, if user.employeeclass==role.customproperty25,
Then show all roles satisfying above criteria.
Note: We are not using the EP role using request enterprise role tab but through the EP.
04/12/2022 02:50 PM
Manish,
Enterprise Roles as the name suggest is a combination or entitlements from different endpoints. Ideally, these should not be tied to an single Endpoint.
If you have all your entitlements from the same application, then an application role would be a better fit.
Regards,
Avinash Chhetri