Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Any way to have request go for approval to the person it is requested for?

savuser17
Regular Contributor
Regular Contributor

Hello,

We have a usecase where for an endpoint, we want the levels of approval to go as such - first level usergroup, then manager, then if requestor is different from user requested for (like manage access for others scenario), then it should go to the user requested for for approval.

For that, I am using a custom query, leveraging one dynamic attribute that has the systerusername attribute. The code:

select userkey from users where systemUserName = (select raa.ATTRIBUTE_VALUE from ARS_REQUESTS ar, request_Access ra,request_Access_attrs raa where ar.requestkey=ra.requestkey and ra.request_accesskey=raa.request_access_key and raa.attribute_name ='adsid' and ar.requestkey=${ARSREQUEST.id})

It gives right result in data analyzer when i check with a request id, but it still goes in Saviynt Admin for approval on that level. Does anyone have any pointers? Or is it simply not possible?

Thank you

3 REPLIES 3

Raghu
All-Star
All-Star

@savuser17  can you requiment once again , above scenario not clear out?


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

savuser17
Regular Contributor
Regular Contributor

Hi,

So scenario is such - I (user a) am requesting access to this endpoint for another user (user b). So after a usergroup and manager approval, it should go to user b for approval as well.

Hope that clears it up

rushikeshvartak
All-Star
All-Star

This is expected behavior as per audit. Enduser and  approver can’t be same . Request will be assigned to admin


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.