and more in a single search tool across platforms. Read the announcement here. |
12/06/2022 02:43 PM
Hi Forum,
We were using /authsaviynt url to bypass SSO during SSO is unavailable. And the same has been restricted by Saviynt and claiming that (as per Saviynt policy)this url is accessible internally and not accessible to customer.
We are trying to configure SIEM alerts and would like to check one thing here that, can Saviynt capture the logs if anybody attempted to access /authsaviynt URL by anyone including Saviynt team so that it will trigger alert to a Customer.
If possible, please provide more/sample details. Thanks.
12/06/2022 07:34 PM
what is error message you are getting. did you tried with IP
12/06/2022 07:43 PM
We are getting 403 error and got confirmation from Saviynt DevOps team that this has been restricted at network level. And the same will be accessible if Saviynt VPN is connected.
The question here is if anyone from Saviynt logged in or attempt to login using this url, shall that be capture in the logs.
12/06/2022 07:50 PM
You should track using application audit logs where localauthentication is enabled under user & user logged in
12/30/2022 09:23 AM
Did your organization ever find a solution/work-around for this?
When we made a ticket around the same time we only got stone-walled "not possible" responses, and then they inexplicably privated the documentation page.