Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Approver should be from usergroup

Mahes
Regular Contributor
Regular Contributor

Hi,

 We have a requirement that when the user is created, it will check whether the requestor having particular SAV_ROLE if yes auto approve, if not the approver should have that SAV_ROLE.

I am able to achieve the first but trying hard to achieve the second (the approver should have the Particular SAV_ROLE). It is also fine if the approver belongs to particular usergroup. 

Can anybody share the query which we can use in Custom Assignment. 

Thank you.

 

9 REPLIES 9

rushikeshvartak
All-Star
All-Star

Use the below condition in if else block( mark it as groovy )

requestedby.authorities.collect { it.authority }.contains("ROLE_ADMIN")

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Abhishek0406
New Contributor III
New Contributor III

Abhishek0406_1-1723208475214.png

Try this

Mahes
Regular Contributor
Regular Contributor

Hi @rushikeshvartak @Abhishek0406 

Thanks for the reply. For first use case I achieved using this query and I am stuck in second case (approver of the user creation should be from usergroup or SAV_ROLE.)

 

You can validate using above authority check for sav role


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

User Group change logic sample below

https://forums.saviynt.com/t5/identity-governance/workflow-check-if-user-group-exists/m-p/77038#M491...


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Mahes
Regular Contributor
Regular Contributor

Hi @rushikeshvartak,

Is it possible to achieve this case in  Custom Assignment Task? does the groovy script works in Custom Assignment. The above said query and the query which shared in the another forum can be used in if else. My requirement is, I need to achieve this in Custom Assignment.

Thank you. 

not in custom assignment if it only 1 user then. It will go to admin


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Thanks @rushikeshvartak for the reply. I achieved the result. Previously the usergroup has only one user and it assigned to admin.

Please click the 'Accept As Solution' button on the reply (or replies) that best answered your original question and hit 'Kudos' button 👍.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.