Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Can you please provide an example how to use dynamic attribute of enterprise role?

IAMI
New Contributor II
New Contributor II

‎03/02/2023 11:30 AM - edited ‎03/02/2023 11:31 AM

Hello Saviynt Expert,

I want to update an application account when a user is assigned to an enterprise role.  the account attribute value is depend on the role name.

To achieve this purpose, in my updateAccountJSON, I want to set the attribute value by reference the dynamic attribute of assigned role . Is this possible? any suggestions and recommendations?

Can I use dynamic attribute of the role to define the value for the account attribute? in what situation and how to use dynamic attribute of the role?

Thanks

Labels:
0 Kudos
9 REPLIES 9

Darshanjain
Saviynt Employee
Saviynt Employee

‎03/03/2023 01:02 AM

Hi @IAMI 

Can you please give some more details like how are the users added to enterprise role , after that is the user should request that Application or you need to update it automatically and in the json you need to pass some attribute related to enterprise role.

Even if you use DA for role, for update account you wont be able to use it better to store it in users table of some cp.

But give some clarity and lets see 

0 Kudos

IAMI
New Contributor II
New Contributor II
In response to Darshanjain

‎03/03/2023 07:42 AM - edited ‎03/03/2023 07:43 AM

Hi Darshan,

We use user attribute value query to determine the role assignment with technical rule. After that, we want to use user update rule to determine if the user have this role assigned, create or update  an application account for this user. and the createAccountJSON/updateAccountJSON should be able determine one attribute value based on the role assigned or based on the rule name that triggered this account operation.

Thanks.

0 Kudos

Darshanjain
Saviynt Employee
Saviynt Employee
In response to IAMI

‎03/03/2023 08:09 AM

Okay got it, if you are calling the update account json from user update rule then you can only use the variables which are allowed ( user or account ), Even request is not created so there is no DA coming into picture as well. 

So one thing what i am getting is, once a role is assigned to user, you can store that in some user custom property via sav 4 sav or custom query job and then you can pass those value in update account json directly

0 Kudos

IAMI
New Contributor II
New Contributor II
In response to Darshanjain

‎03/03/2023 08:23 AM

Thanks Darshan for your idea to utilize the user custom property. however, we have almost run out of all customproperties.

Can we access to task object within createAccountJSON and updateAccountJSON?

As long as we know what rule triggered the task for account operation, we can determine what attribute value to set.

0 Kudos

Darshanjain
Saviynt Employee
Saviynt Employee
In response to IAMI

‎03/03/2023 08:33 AM

Yes Task object is exposed, you can try out that scenario just that you may need to create many rules if you have lot of roles and objects you want to use. 

0 Kudos

IAMI
New Contributor II
New Contributor II
In response to Darshanjain

‎03/03/2023 08:48 AM

That is great to know. I can refer to any column of the task table, right? Can you refer me to a documentation link of scripting with these objects such as users, accounts, tasks etc.? I understand how to do java/javascript programing. but need some Saviynt specific information such as what is allowed and what is not allowed, what is the correct syntax etc.

Thanks,

0 Kudos

sk
All-Star
All-Star
In response to IAMI

‎03/03/2023 08:51 AM

You can find the exposed variables/items for provisioning from respective connector documentation.

What is your target in this case?


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.
0 Kudos

IAMI
New Contributor II
New Contributor II
In response to sk

‎03/03/2023 08:58 AM - edited ‎03/03/2023 08:58 AM

My target is to develop custom connector for inhouse application that is not applicable to all out of box connectors. this custom connector need configure createAccountJSON and updateAccountJSON. So I need usnerstand how to pass parameters from saviynt to custom connector createAccount and udpateAccount methods.

We need collect account attribute values based on roles assigned. rules triggered etc. I think Saviynt should have a common practice apply to all connectors what is allowed, and what is not allowed, what is exposed and what is correct syntax etc.  I need this kind of documentation link.

Thanks,

0 Kudos

Darshanjain
Saviynt Employee
Saviynt Employee
In response to IAMI

‎03/04/2023 09:09 PM

Hi @IAMI 

For custom connector, Saviynt has a frame work and named it as JAR connector. Please check out the documentation for the same

https://docs.saviyntcloud.com/bundle/JAR-v2020x/page/Content/About-this-Guide.htm

0 Kudos
Copyright © 2024 Khoros, LLC