Click HERE to see how Saviynt Intelligence is transforming the industry. |
11/29/2022 04:07 AM
Hi Team
We have a requirement where if we add new entitlement to the existing role it should go notification to the entitlement owner for his approval. Upon his approval only the entitlement should be added to the Application Role. Is it achievable in Saviynt?
Solved! Go to Solution.
11/29/2022 04:12 AM
Yes you can use custom assignment block with custom query
11/29/2022 04:23 AM
HI Rushikesh,
To add new entitlement for existing role Can we use the Role Modification Workflow in global config level ? question is if we add the new entitlement for existing role will Saviynt consider that as a Role modification? or we need to modify the existing workflow from security system itself by adding the custom query block?
11/29/2022 09:41 AM - edited 11/29/2022 09:41 AM
Yes it will be role management workflow
select userkey from entitlement_owners where rank = 1 and entitlement_valuekey in (select distinct ra.accesskey from request_access ra where ra.requestkey=${ARSREQUEST.id} )
11/30/2022 12:49 AM
Thanks Rushikesh, That works
12/02/2022 03:42 AM
Hi Team,
When we tried adding entitlement navigating to Identity Repository >> roles>>Add entitlement every thing works fine But When we try to add the entitlements to Application Role using Upload Role Associations
Getting the below highlighted message as we see in the knowledge document
Note: If My Uploads feature is enabled, instead of this page, you will be notified that a background job has started to upload roles.
But when we see the roles after some time we don't see any change i.e., No entitlement has been added to the existing role or it has not created any request to go for approval to entitlement owner
Is there a way to check this in the logs ? or Are we missing any config here
11/29/2022 06:58 AM
Hi @Shaik_Silar ,
Yes you need to map the WF in the Role Modification Workflow in global config level .
Also, if you want to have the approval sent to the Entitlement owner, simply create the workflow using the access approval node and when an entitlement is added to the Role and you send it for approval - it shall by default be routed to the relevant entitlement owner for approval. You could configure your email notifications in the WF as required.