Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Access Query - Restriction based on Requestor SAV Roles - v23.5

adriencosson
Valued Contributor
Valued Contributor

Hello folks !

I have a requirement where I need to hide some endpoints based on the Requestor's SAV Roles.

I came up with the below Access query on endpoint, that is working in a v5.5SP3 environment, but does not on a v23.5.

WHERE '${requestor.id}' in (select us.userkey from savroles sv, user_savroles us where sv.rolekey=us.rolekey and sv.rolename in ('ROLE_NEOREQUESTOR'))

Any chance someone can redirect to the appropriate nomenclature for latest versions, if this variable is still exposes in Access Query ?

Regards,
Adrien COSSON
6 REPLIES 6

Saathvik
All-Star
All-Star

In latest version I think runtime variables are not supported in Access Query. I will double check this statement and confirm but meanwhile can you try below logic

WHERE users.username in (select u.username from savroles sv, user_savroles us, users u where sv.rolekey=us.rolekey and us.userkey=u.userkey and sv.rolename in ('ROLE_NEOREQUESTOR'))

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Saathvik
All-Star
All-Star

I forgot to ask this, Your requirement is to limit the visibility of endpoint based on who is requesting the access or to whom access is being requested?


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

adriencosson
Valued Contributor
Valued Contributor

Hi  @Saathvik ,

No worries, I want to limit the visibility based on the requestor, not the beneficiary.

Good to know, please let me know if you can get this information sorted, because I have many customers that requires this feature.

Regards,
Adrien COSSON

Currently its not supported 😑


Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

adriencosson
Valued Contributor
Valued Contributor

Hi @rushikeshvartak / @Saathvik ,

With the below AccessQuery combined disabling the Enhanced Application Request made it possible.

WHERE '${requestor.id}' in (select us.userkey from savroles sv, user_savroles us where sv.rolekey=us.rolekey and sv.rolename in ('ROLE_SPECREQUESTOR'))

adriencosson_0-1689933576550.png

Regards,
Adrien COSSON

Marcel
Regular Contributor
Regular Contributor

Unfortunately disabling the Enhanced Application Request is not something we can do due to the huge amount of limited applications we have. We would still like a solution for this that works with Enhanced Application Request.