and more in a single search tool across platforms. Read the announcement here. |
06/30/2022 07:27 AM - last edited on 06/30/2022 08:19 AM by Dave
06/30/2022 12:39 PM
Hello,
You can achieve this, a security system can be associated with the multiple endpoints, while creating an endpoint you can specify the security system and the endpoint would be associated with it.
06/30/2022 01:21 PM
So how should I associate entitlement to the endpoint ? Like Slack entitlement should associate to the Slack endpoint, Github entitlement should associate to the Github endpoint and Altassian entitlement should associate to the Altassian endpoint. All this entitlements are imported from Azure AD. Let me know if you want more clearity on what we are looking for ?
06/30/2022 01:25 PM
Azure AD does not having Group Filter option.
You can do in following way
07/06/2022 07:24 AM
@rushikeshvartak - Do you have documentation for referring this ?
07/06/2022 07:31 AM - edited 07/06/2022 07:31 AM
Hi @aparikh ,
If you want to create logical apps/endpoints (For different request forms) from entitlements coming from the same Target (here Azure) we would suggest using the REST connector and using the Endpoint Filter Functionality.
The Endpoint filter would create endpoints based off entitlement grouping which can then be used as separate forms for your end users.
Details on the REST connector Documentation : https://saviynt.freshdesk.com/support/solutions/articles/43000521736-rest-connector-guide
07/12/2022 01:13 PM
Will this work for accounts as well? The request form requires accounts to be of the same endpoint as the entitlement - how would we make Saviynt not generate new accounts for different endpoints within the same security system?
Thanks
Ajit
07/15/2022 08:05 AM
The ENDPOINT_FILTER in a REST Connector is only supported for reconciliation and not for provisioning.
The only workaround I can think of is requesting against the parent endpoint, rather than child endpoint.
07/17/2022 11:53 PM
@aparikh As Avinash mentioned, Endpoints_Filter works during recon. For provisioning, since the Connection remains the same. You would need to work your logic of closing the extra new account tasks in the provisioning jsons.