Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Add Access for Azure Ad

sk
Regular Contributor
Regular Contributor

Hello Experts,

We have a requirement where we have 3 environments and 4 teams in AzureAD with AAD groups as entitlement type . But when user clicks environment (prod,test,dev) user will be selecting one entitlement, Once the enviornment is selected then user should select only one team as entitlement (entitlement type is same for environement and team)

 

please let me know how can we achieve this for provisioning.

Thanks in advance

9 REPLIES 9

NM
Honored Contributor II
Honored Contributor II

Hi @sk , you need to have 3 entitlement type.

rushikeshvartak
All-Star
All-Star

You can add SoD , if user select more than one teams of same environment auto reject request 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sk
Regular Contributor
Regular Contributor

@rushikeshvartakwe have created 3 endpoints (dev,test and prod).

But we need to assign one entitlement by default. How can we do that 

any advice 

From each application then add under Endpoint - Entitlements with New account section


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sk
Regular Contributor
Regular Contributor

Hi @rushikeshvartak , yes we have added entitlement but we can see only one task is getting triggered (task not triggered for the entitlement which we added under endpoint)

sk_0-1719903619382.png

Please let me know if anything I am missing here.

NM
Honored Contributor II
Honored Contributor II

Hi @sk , it will only get triggered when you raise a new account request, plus can you share entitlement type details for the group which you added.

sk
Regular Contributor
Regular Contributor

Hi @NM , Yes I was raising the new account request only. Entitlement type details 

sk_0-1719906055253.png

 

  • Validate Entitlement Status
  • Validate Request option for entitlement type.
  • Share logs

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM
Honored Contributor II
Honored Contributor II

 Can you try by adding any other group (Active)

functionality works fine in 24.2