Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Variable for Entitlement value selected in Form

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 01:20 PM

Originally posted on February 23 2022 at 14:21 UTC

Hello, We have a requirement where we need to the fetch entitlement value inside "CreateAccountJSON" in DB connection. Is there any variable that can be used to fetch this data ? Thanks Padmalochan
This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
5 REPLIES 5

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 03:03 PM

Originally posted on February 23 2022 at 15:40 UTC

Hi Padma,


Can you please elaborate the need to have an entitlement value referenced inside the create account JSON ?


Will all your create Account tasks also have a corresponding add access task ?





Regards,

Avinash Chhetri

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 03:03 PM

Originally posted on February 23 2022 at 16:40 UTC

Hi Avinash, Yes we have add access task with all Create Account task. Additionally, in the Create Account query, we need the entitlement value as well. For example in the below query, I have tried using the value "${task.entitlement_valueKey.entitlement_value}" which does not work and need any other variable that will work. {"createAccountQry": ["BEGIN SECURITY.SET_STAFF_ID ('ADMIN','M','TBMS','A','N');Insert into STAFF_PROFILE(SP_STAFF_ID, SP_NAME, SP_SAL_CODE, SP_ORA_NAME, SP_OFF_CODE, SP_AUTH_OFF, SP_ROLE_NO, SP_PASSWD, SP_PSWD_CHG, SP_DATE_FROM, SP_EMAIL_ID, SP_STATUS, SP_SECOND_NAME, SP_THIRD_NAME) values('${staffId}', '${user.firstname}', 'TBMS', '${user.username}', '${primarycountry}', '${additionalmarket}', ${task.entitlement_valueKey.entitlement_value}, '${accpwd}', to_date('22-FEB-2022', 'DD-MON-YYYY'), to_date('22-FEB-2022', 'DD-MON-YYYY'), '${user.email}', 'A', '${user.middlename}', '${user.lastname}');END;"]} Thanks Padmalochan
This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 03:03 PM

Originally posted on February 23 2022 at 17:03 UTC

Hi Padma,


Based on what I understand, it seems that you have to provide an entitlement at the time of account creation. Im not sure if I have encountered this elsewhere. 

You could probably explore the option of sending a default least privilege, like Read at the time of account creation, with the assumption that the access they usually get is greater than Read.


Howevere, here's the relationship between an createAccount task and addAccess task when they are created in Saviynt.



TaskType 3 is the "createAccount" task, let's call it Parent Task.

Tasktype 1 is the '"addAccess" task, lets call it Child Task.


The TASKKEY of the Parent Task (196880) is also mentioned in the PARENTTASK column of the child task.


Since this is a db connector, you could probably try out writing a simple join to get the child taskkey from the parent and then use the entitlement value key?

The assumption here is that there is only one and exactly one add access task for the parent create account task.





Regards,

Avinash Chhetri


This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 03:03 PM

Originally posted on February 24 2022 at 20:38 UTC

Hi Avinash, I am trying to use the following CreateAccountJSON query, it is working in SQL Developer but not working in Connector configuration. {"createAccountQry": ["DECLARE roleid NUMBER(4) := 1; BEGIN SECURITY.SET_STAFF_ID('ADMIN', 'M', 'TBMS', 'A', 'N'); select UR_ROLE_NO INTO roleid from user_roles where UR_ROLE_DES = '${usrroles}';Insert into STAFF_PROFILE(SP_STAFF_ID, SP_NAME, SP_SAL_CODE, SP_ORA_NAME, SP_OFF_CODE, SP_AUTH_OFF, SP_ROLE_NO, SP_PASSWD, SP_PSWD_CHG, SP_DATE_FROM, SP_EMAIL_ID, SP_STATUS, SP_SECOND_NAME, SP_THIRD_NAME) values('${staffId}', '${user.firstname}', 'TBMS', '${user.username}', '${primarycountry}', '${additionalmarket}', roleid, '${accpwd}', to_date('02-JAN-2021', 'DD-MON-YYYY'), to_date('02-JAN-2021', 'DD-MON-YYYY'), '${user.email}', 'A', '${user.middlename}', '${user.lastname}'); END;"]} Can you please let know what could be the issue ? Thanks Padmalochan
This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 03:03 PM

Originally posted on February 24 2022 at 20:50 UTC

Padma,


Did you check the logs for the error ?




Regards,

Avinash Chhetri

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
Copyright © 2024 Khoros, LLC