Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/10/2024 01:07 PM - edited 09/10/2024 01:07 PM
When the JobCode (or any defined user attribute) of an existing active user changes, the system must have the ability to
Trigger an access review to the current manager of the identity to review the mover’s current accesses.
Trigger an entitlement ownership review if the mover happens to be an entitlement owner subject to the below requirements:
Ownership review must be generated to the previous manager of the mover if the manager has also changed in the mover transaction received from HR source.
Ownership review must be generated to the current manager of the mover if the manager has NOT changed but only the JobCode has changed.
For a mover who owns entitlements less than a predetermined number, generate an ownership review within the system to the owner’s manager (previous or current as determined by point a above) to make the required ownership changes.
For a mover with the number of entitlements greater than or equal to a predetermined number, generate an ownership review from the system as a notification to the owner’s manager (previous or current as determined by point a above) to make the required ownership changes. The email is then forwarded to the support team to upload the attachment received from the owner to reflect the ownership changes in the system.
If the ownership changes are made via point c or d above, the system must update the entitlement owner in Saviynt.
Solved! Go to Solution.
09/10/2024 01:23 PM
Hi @krecpond you can launch a campaign via user update rule.. but only user manager is supported for now not entitlement one.
You can use owner in terminate to handle other scenarios.
09/10/2024 07:03 PM
Can you please elaborate more on this recommendation?
09/10/2024 02:30 PM
09/10/2024 07:02 PM
These recommendations will definitely not work. Please see the entire requirements. Saviynt does not support making changes during a campaign while here the requirement is to make changes to the owner, description, CMDB ID mapped to the entitlement amongst other things. Saviynt does not have the configurations to enable such processes in the product. If someone has done similar requirements, I would like to hear how it was implemented.
Even in other IGA products, this is a custom workflow. So we are looking to see if such a custom process can be triggered in Saviynt for reviewers to make changes to entitlement metadata.