Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Azure AD ENTITLEMENT_FILTER_JSON

bala
New Contributor II
New Contributor II

Hi Team,

We are onboarding the Azure AD using Saviynt OOTB Azure AD connector.

We have a requirement to bring only AAD cloud-based group only and want to exclude the AAD on-premises AD groups.

In Azure AD connector we have ENTITLEMENT_FILTER_JSON parameter which is used to filter AAD group with simple graph API supported by Microsoft.

Unfortunately in our client environment, we don’t any naming convention on display name attribute for groups, so we can’t use any filter like displayname starts with az_ or something. So we need to have another attribute filter. 

We tried with onpremisessyncenabled  attribute which works with true condition and not with false value. 

I.e $filter=onpremisessyncenabled  eq True works fine 

$filter=onpremisessyncenabled  eq False not working 

$filter=onpremisessyncenabled  ne True not working. 

We found some thing working with below condition.  

https://graph.microsoft.com/beta/groups?$filter=onpremisessyncenabled  eq null&$count=true along with “ConsistencyLevel” with value “eventual” as headers.  

Do Saviynt support this kind of approach by passing headers in ENTITLEMENT_FILTER_JSON filter.  Kindly provide some guidance or sample json here. 

Thanks,

Balaji Balakrishnan

[This message has been edited by moderator to disable text hyperlinks]

3 REPLIES 3

rushikeshvartak
All-Star
All-Star

Did you validated 

$filter=onpremisessyncenabled eq null


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

bala
New Contributor II
New Contributor II

@rushikeshvartak 

As I told we tried all combo and nothing is working, except the below which takes headers also in filter.

https://graph.microsoft.com/beta/groups?$filter=onpremisessyncenabled  eq null&$count=true along with “ConsistencyLevel” with value “eventual” as headers.  

All I needed is do Saviynt support passing headers in ENTITLEMENT_FILTER_JSON filter.  Kindly provide some guidance or sample json here. 

Thanks,

Balaji Balakrishnan

 

Passing headers are not supported in ENTITLEMENT_FILTER_JSON. Upvote below idea ticket 

https://ideas.saviynt.com/ideas/EIC-I-4379


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.