Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Role Types ??

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 27 2019 at 18:09 UTC

Anybody has any idea about the different types of roles in Saviynt?

And how are they to be used or what are their purposes?


I understand Enterprise roles and Firefighter roles, and they are the only ones that can be requested through ARS.


What are the other role types and how are they to be used?

image



This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
5 REPLIES 5

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 27 2019 at 22:23 UTC

Just covered this today in the level 200 training! The Entitlement type is only used with AD connector, with a relatively new feature that lets you provision groups into AD based on roles you set up. Enterprise and Application are very similar with a few differences: Application can contain entitlements from one endpoint. Enterprise can contain entitlements from multiple endpoints. Enterprise request is a different tile on the dashboard and the customer sees a list of available enterprise roles (but this can be filtered). Applicaiton roles are requested like any other entitlement, after they choose the application to request from. Firefighter is for short term, time limited emergency access. That means the entitlement is removed after a configured time.

Enabler is the old way to do an Entitlement Role for AD group/role creation, but it will be deprecated eventually.


More data here:

https://saviynt.freshdesk.com/support/solutions/articles/43000431785-creating-roles

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 28 2019 at 11:55 UTC

Thank Jim. That was good information. And I think what you explained should be incorporated in the article.

There are many aspects and features to the SSM which are not available in documentation. This leads to customers not using them because you don't know what you don't know.


But thanks for the quick reply and explanation.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on July 17 2019 at 03:41 UTC

We'll get the documentation updated with the info.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on August 16 2019 at 14:25 UTC

any updates?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on July 8 2021 at 18:02 UTC

Hi all it's been 2 years and the following information has NOT been updated in the Saviynt Knowledge doc:

The Entitlement type is only used with AD connector, that lets you provision groups into AD based on roles you set up.

Enterprise type roles allow entitlements from multiple endpoints.

Application type roles allow ONLY entitlements from a Single endpoint.

Firefighter type roles are for short term, time limited emergency access. That means the entitlement is removed after a configured time.


Enabler is the old way to do an Entitlement Role for AD group/role creation, but it will be deprecated eventually. 2 years and this is still an option? When will it no longer be on the dropdown?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.