Announcing the SAVIYNT KNOWLEDGE EXCHANGE unifying the Saviynt forums, documentation, training, and more in a single search tool across platforms. Click HERE to read the Announcement.

AzureAD Account Entitlement Mapping not happening when using Entitlement Filter

Souvik
New Contributor III
New Contributor III

We have a requirement to import only 12 entitlements from AAD Group whose DisplayName startwith "ZBR RPA", For that, we had already included the ENTITLEMENT_FILTER_JSON and performed the custom access in the job as well. 12 entitlements were imported successfully.

ENTITLEMENT_FILTER_JSON:

{
"group_filter": "startsWith(displayName, 'ZBR RPA')&$count=true"
}

 

Custom Access in Job:{
"importEntTypes": {
"AADGroup": {}
},
"excludeEntTypes": {
"ApplicationInstance": {},
"InterAppOauthPermissions": {},
"DirectoryRole": {},
"Subscription": {},
"Application": {},
"DirectoryRoleMember": {},
"SKU": {},
"ServicePlans": {},
"Team": {},
"Channel": {},
"MemberPermission": {},
"GuestPermission": {}
}
}

However, the account-entitlement mapping for the listed 12 entitlements is not happening in the entitlement hierarchy.

But once the job failed and all roles got imported at that time, I could see the mapping was happening for other entitlement, but those 12 entitlements are still not mapped.

 

Note: In target those 12 roles are associated with few accounts.

1 REPLY 1

RakeshMG
Saviynt Employee
Saviynt Employee

Please validate if you have mapped following attribute in the JSON. 

Default Attribute Mapping for Account Import:

customproperty31

STORE#ACC#ENT#MAPPINGINFO

 

For more details please refer to following document :

https://docs.saviyntcloud.com/bundle/AzureAD-v2021x/page/Content/Configuring-the-Integration-for-Acc...

[Fixed broken doc link by moderator]


​Regards

Rakesh M Goudar