and more in a single search tool across platforms. Read the announcement here. |
02/16/2024 04:14 AM
Hi Team,
Is there a way where we can add a user to AD group and that controls their access to various SAV roles?
Like controlling the Saviynt Authorization via AD group?
-Siva
02/16/2024 05:00 AM
If you do have a sav4sav connection and have imported sav roles as entitlements. You can map the entitlements of AD groups to the SAV Roles, so a dependent task for sav role addition is also generated once the ad group access addition task is generated.
Understanding Entitlement Hierarchy and Entitlement Mapping (saviyntcloud.com)
Alternately, you can utilise and create an actionable analytic to provision sav role access based on ad group access.
Configuring Allowed Actions (saviyntcloud.com)
02/16/2024 07:13 AM
Hi @Sivagami
Can you share the complete use case as I am sure you might already be familiar with the Sav4Sav approach?
If this is straightforward, then you should be able to create Sav4Sav Rest connection and import the SavRoles as entitlements with the pre-configured json and map the entitlements to the AD groups.
02/16/2024 09:37 AM
I think there is a misunderstanding here. I'm not referring to entitlement maps here.
There are other SaaS apps that can map their roles to a AD group and manage access right. Does Saviynt has such capability?
-Siva
02/18/2024 06:50 PM
Yes, this is possible via Actionable Analytics. I will try to get you the query
Regards,
SJ
02/18/2024 07:57 PM
Or if you have SAV4SAV integration available, you can use the Entitlement Map concept to add SAV Role for the existing AD Groups.
02/19/2024 06:39 PM
You can achieve using Enterprise roles.