Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Application Role - Logical Endpoint Application

mayankshah
Regular Contributor
Regular Contributor

Background: For an endpoint E1, there are multiple Application Roles (AR1, AR2, AR3 etc) configured. There is also separate E2 and E3 endpoint (Different security systems) with Ent1, Ent2, and Ent3 entitlements and Ent4,  Ent5, and Ent6 entitlements respectively.

Requirement: The user let's say requests application access- E1 for an Application Role AR1 (contains Ent1, Ent2, and Ent3 entitlements)and AR2 (contains Ent4,  Ent5, and Ent6 entitlements).

Expectation: A total of 12 tasks should get created under the pending task after request approval. 

6 pending tasks - E1 (Logical Endpoint Name)

3 pending tasks - E2 (Endpoint Name)

3 pending tasks - E3 (Endpoint Name)

Application RoleParent EndpointChild EndpointEntitlements
AR1E2E1Ent1,Ent2,Ent3
AR2E3E1Ent4,Ent5,Ent6

This is similar to what we do in entitlement value<>other entitlement details<> entitlement map by enabling dependent task but I want to request application role instead of entitlement value and trigger dependent task.

Thanks,

3 REPLIES 3

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @mayankshah.,

You can consider utilizing an Enterprise Role for the use case mentioned above. 

For Ref: https://docs.saviyntcloud.com/bundle/SSM-Admin-v55x/page/Content/Chapter06-Configuring-EIC/Configuri... 

If you find the above response useful, Kindly Mark it as "Accept As Solution".

mayankshah
Regular Contributor
Regular Contributor

Hi Sudesh,

Although I wanted to implement this by application role but would be interesting to look at the perspective of the Enterprise Role.

I went through the link but couldn't find anything of much help. Would you be so kind to explain this in more details?

Thanks ,

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @mayankshah,

The concept of the application roles and the enterprise roles are comparable, with one key distinction. the Application roles are limited to having entitlements from a single application, whereas enterprise roles can encompass entitlements from various applications.

Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".