Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Time based Request Application Role

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 01:15 PM

Originally posted on October 18 2021 at 12:14 UTC

Hello Team,


We have a requirement where customer has created Application Roles and looking forward for a requirement to make this role time based.


Customer has various roles in environment which is configured to be allowed for 1 year or 6 months.


1. There is a config name Default Time Frame on Roles. Can you please help in understanding the usage of the same?

2. I have configured 720 (30 Days) on this parameter, but what I see that there is no restriction on End Date and I can make a request for more than specified Date? Is this parameter to behave in this way?

3. If not, Can you please confirm how can I enable a maximum allowed time frame for the role?


Customer is looking for a popup message or restriction in case there is violation.


Assistance needed.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
3 REPLIES 3

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:42 PM

Originally posted on October 18 2021 at 20:37 UTC

Manish,


As far as I know, there are no provisions for making Application Roles time based in a true sense. These are only applicable for Emergency Role (Fire Fighter Roles). 

In Emergency Roles, you can provide a Default Time Frame (say 4 hours) and a Maximum Time Frame (say 8 hours) which can be configured.


You could use Enterprise Roles instead of Application Roles and configure the start date and end date as mandatory in the global configs and provide a default time frame at the role level. 

However this does not restrict the requestor to "extend" the end date since Max Time Frame is not available for even Enterprise Roles.




Regards,

Avinash Chhetri

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:42 PM

Originally posted on October 19 2021 at 04:21 UTC

Hi Avinash,


Many thanks for the explanation.

I have used below configuration to make start date and end date mandatory for application roles also:  Ask For Start Date End Date While Adding Application Role along with Entitlements Request


Anyhow, any recommendation how can we capture this requirement? Customer has a requirement that the requested app role must have maximum validity for request for 1 year.

Also, what is the actual usage of  Default Time Frame on Application Roles?


Thanks and Regards,

Manish

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:42 PM

Originally posted on October 27 2021 at 04:50 UTC

Hi Avinash,


Can you explain  what is the actual usage of  Default Time Frame on Application Roles & Enterprise Roles?


Thanks

Manish

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
Copyright © 2024 Khoros, LLC