AzureAD Account Entitlement Mapping not happening when using Entitlement Filter

New Contributor III
New Contributor III

We have a requirement to import only 12 entitlements from AAD Group whose DisplayName startwith "ZBR RPA", For that, we had already included the ENTITLEMENT_FILTER_JSON and performed the custom access in the job as well. 12 entitlements were imported successfully.


"group_filter": "startsWith(displayName, 'ZBR RPA')&$count=true"


Custom Access in Job:{
"importEntTypes": {
"AADGroup": {}
"excludeEntTypes": {
"ApplicationInstance": {},
"InterAppOauthPermissions": {},
"DirectoryRole": {},
"Subscription": {},
"Application": {},
"DirectoryRoleMember": {},
"SKU": {},
"ServicePlans": {},
"Team": {},
"Channel": {},
"MemberPermission": {},
"GuestPermission": {}

However, the account-entitlement mapping for the listed 12 entitlements is not happening in the entitlement hierarchy.

But once the job failed and all roles got imported at that time, I could see the mapping was happening for other entitlement, but those 12 entitlements are still not mapped.


Note: In target those 12 roles are associated with few accounts.


Saviynt Employee
Saviynt Employee

Please validate if you have mapped following attribute in the JSON. 

Default Attribute Mapping for Account Import:




For more details please refer to following document :

[Fixed broken doc link by moderator]


Rakesh M Goudar