and more in a single search tool across platforms. Read the announcement here. |
04/13/2023 10:59 AM
We have made the savrole as timebound firefighter roles using saviynt to saviynt connection and making roles which are mapped to the savrole as entitlements.
And we have made the firefighter role as requestable and not the Savrole.
Now if someone comes and raise request to this firefighter role, they will get access to the underneath savrole by default for defined days. But issue is when someone directly gets added to savrole, then he is not added to firefighter role and his access remains foreever.
Is there a way to add user directly added to savrole to be added to firefighter role also ?
Thanks
Manisha
04/13/2023 11:36 AM
Hi @manisha9084 ,
Greetings.
When savroles are added as firefighter roles through saviynt for saviynt connection, the request goes through a workflow and gets provisioned as per the provisioning connection for the time period mentioned in the request. Eventually the role gets deprovisioned when the time is expired.
But when a user is directly assigned to savrole, it will behave like a typical user assignment to savrole. So the firefighter role properties will not hold in that case.
Thanks,
04/14/2023 03:59 AM
Thank @pruthvi_t
Yes I understand that. But wanted to know is there a way to assign the same ?
Or anyway for restricting direct addition to specific savroles ?
Thanks
Manisha
04/14/2023 01:12 PM
If you'd like to restrict adding savrole directly to users, make sure people with other savroles other than admin have the feature access to assign savroles removed. So that they will not be able to view or assign savroles.
Thanks,