Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Request Roles Query To Filter Roles Based on Requestee / Requestor Attributes

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 01:16 PM

Originally posted on January 26 2021 at 23:50 UTC

Navigation: Admin > Global Configuration > Role Request -> Request Roles Query

Article Reference: https://saviynt.freshdesk.com/support/solutions/articles/43000553876-roles-request-configuration

As the number of enterprise roles in the system increases, it will be difficult for the users to choose from the list & hence we would want to limit the users to see certain enterprise roles only based on the requestee's user attributes.

For example, let's say roles table customproperty1=Marketing and users table customproperty5=Marketing. When the user with customproperty5=Marketing requests for enterprise role, we would like the user to see only the roles which has customproperty1=Marketing.

Any assistance here is much appreciated.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
4 REPLIES 4

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:50 PM

Originally posted on January 27 2021 at 10:12 UTC

Hi Sivagami,


I hope below query example will help you : 

and rl.customproperty1 in (select users.customproperty5 from Users users where users.id={currentUser})

This will typically match the requested user's customproperty5 with the role's customproperty1. This way you can even extend your example to any value that is stored in your roles' customproperty1 that would match with user's cp5.


Regards,

Adrien.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:50 PM

Originally posted on February 1 2021 at 17:05 UTC

Thanks Adrien! Looks good!

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:50 PM

Originally posted on November 26 2021 at 06:04 UTC

Hi Team,


If the Enterprise role is tagged to an endpoint and when the user is making request for that endpoint, how can we configure request role query so, that SSM would display only the roles satisfying above criteria.

Typical use case is, if user.employeeclass==role.customproperty25,


Then show all roles satisfying above criteria.

Note: We are not using the EP role using request enterprise role tab but through the EP.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:50 PM

Originally posted on November 30 2021 at 00:11 UTC

Manish,


Enterprise Roles as the name suggest is a combination or entitlements from different endpoints. Ideally, these should not be tied to an single Endpoint.


If you have all your entitlements from the same application, then an application role would be a better fit.




Regards,

Avinash Chhetri

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
Copyright © 2024 Khoros, LLC