Hello - I would like to know if there is a configuration within Saviynt that would allow the owner of an entitlement / role to see the other owners as well as assigned users, and ideally add / remove other owners. This access would need to be limited to ONLY the roles / entitlements where the logged in user is an owner.
I've submitted an idea (https://ideas.saviynt.com/ideas/EIC-I-4704) to make this an intuitive interaction for owners, but I'm curious if it's possible at all currently.
If I understand correctly , you want an owner of an entitlement/role to modify (i.e add/remove) owners for other entitlement / role present in the system.
Hello, yes that's part of it. To clarify, I am looking for 3 capabilities:
1 - If I own an entitlement, i would like to be able to see the other owners of the entitlement.
2 - if I own an entitlement i would like to be able to see the holders of the entitlement
3 - if i own an entitlement i would like to be able to manage the ownership of the entitlement (add/remove other owners)
I can think of below:
1. Find all unique entitlement / role owners present in the system
2. Create a new Sav Role
3. Add all the users found in step1 in this new sav role
4. Assign this newly created sav role in the connection
Once you assign this newly created sav role it in the connection , the user will be able to see the account / entitlements associated with that connection.
Once the user is able to see the entitlement , you can perform basic operation like adding/removing owners to the entitlements.
Thank you for the responses, but I don't think these quite address the use case.
If I am reading correctly, Devang's suggestion would allow ANY owner to see and change owners on entitlements for all endpoints tied to a particular connection. What we need, is the ability for an owner to manage only the assets they own. They should not be able to make updates to entitlements that they don't own. I also think the solution only addresses entitlements, not roles. @dgandhi - Is my understanding of your response correct?
@rushikeshvartak You suggestion allows an owner to see what assets they own, but it doesn't allow them to manage them in any way, see other owners, or see members correct?
What I'm looking for is a way to distribute management of assests to the owner(s) of the asset.