We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Adding Account access t a savrole

Nidhins27
Regular Contributor
Regular Contributor

Hi,

I have created a new savrole to provide limited access to users.

User is able to see users tab under Admin section. user detail is visible and accounts list is also visible. The issue is when user clicks on any account it gives "Access denied" error. Can you please suggest what access can be added to savrole so that user can see account details via below path:

Admin-->users-->open  user detail-->accounts-->click on any account and see the details.

Current accesses:

Nidhins27_0-1676621065942.png

Error is recieved when any account is clicked like one marked in yellow:

Nidhins27_1-1676621204561.png

Thanks

Nidhi

 

 

15 REPLIES 15

DaanishJawed
Saviynt Employee
Saviynt Employee

Add the SAV role to connection as below and try once.

Navigate to Admin > Identity Repository > Connections > Open a Connection > Add the SAV role below and Save&Test the connection.

Screenshot 2023-02-17 at 1.04.26 AM.png

Nidhins27
Regular Contributor
Regular Contributor

 The savrole I am creating is not specific to any connection. It is created for helpdesk people, who can onboard the users. they should be able to see user, users details and accounts.

rushikeshvartak
All-Star
All-Star

Share extract of SAV Roles


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hi Rushi,

Attachment button is not working, I am pasting the data under "Access" Tab.

MenuSub Menu
ADMINSUBMENU.ADMIN.accounts_list
ADMINSUBMENU.ADMIN.entitlement_values_list
ADMINSUBMENU.ADMIN.users_list
ARSSUBMENU.ARS.workflowmanagement_tasklist
ARSSUBMENU.ARS.workflowmanagement_requesthome
ARSSUBMENU.ARS.jbpmworkflowmanagement_showmyhistoryrequests
ARSSUBMENU.ARS.jbpmworkflowmanagement_viewopenrequests
ARSSUBMENU.ARS.workflowmanagement_completedtasklist
ARSSUBMENU.ARS.create_userrequest

Also, Sav role details are as below:

Nidhins27_0-1676649857287.png

Nidhins27_1-1676649884949.png

Thanks

Nidhi

 

Nidhins27
Regular Contributor
Regular Contributor

Another problem that i see with this savrole is:

Accounts tab under Identity repository is showing No data available. Even if keep the "Access to Endpoints" as empty or "all" or selective endpoints.

Nidhins27_3-1676650642644.png

Thanks

Nidhi

 

 

 

Add Endpoint in Access to Endpoint Dropdown


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

I tried doing that already. It doesn't work. We are on version 3.14. Till 3.11 it used to work differently. Has anything been changed in 3.14?

Thanks

Nidhi 

Nidhins27
Regular Contributor
Regular Contributor

Can you please tell me a table name where savrole details are saved. I checked savroles and savrole_permissions but I did not find anything.

 

Thanks

Nidhi

configuration


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hi Rushi/Danish,

Just wanted to check if you were able to figure out something for this.

Thanks

Nidhi

Did you try adding the SAV Role to the connection as in my previous comment? I validated the same and it is working for me.

Ankyt19
Regular Contributor
Regular Contributor

They are able to see user , user details now also if I am not wrong .

 

I see problem is with "Accounts" which is not visible and even if you click on any account user is linked to it will give access denied . Because you will need to assign SAV role to connection so those respective accounts will be visible to sav role assignee .

 

Please share wat all is being working and what is not working ?

Thank you

Ankit

Nidhins27
Regular Contributor
Regular Contributor

It works if I put the savrole under connections but We also SSL expiry notifications set. So, for the Connections having SSL cert the notification will go the users of this savrole also which we don't want.

Thanks

Nidhi

Ankyt19
Regular Contributor
Regular Contributor

SSL expiry notification is set to what criteria?

 

Nidhins27
Regular Contributor
Regular Contributor

I have resolved the issue.

Solution: Added the savrole to all the existing connections so that all of the accounts are visible.

Updated the SSL EXPIRY NOTIFICATION analytics query to send the notification to only the members of required SAVROLE.

Thanks

Nidhi Sharma