Hi,
We are using the saviynt app in snow and noticed an issue with the functionality.
When end user requests e.g. enterprise role from snow, before the request is approved in Saviynt, there is a possibility for the user to cancel their own request.
This however fails to a following error: User's roles does not have permission to cancel requests. This cancel request is made towards API: /api/v5/cancelPendingRequest .
I tested this functionality also in Postman. The bearer token used is for an api user that has both OOB SAV ROLE_ADMIN and our custom admin SAV ROLE_ADMCOPY. This is the same api user that is configured in the saviynt app.
These sav roles together should give the user the permissions to perform this task.
In the end, the Postman test also fails with the same error: User's roles does not have permission to cancel requests.
{
"msg": "User's roles does not have permission to cancel requests",
"errorCode": "1"
}
I have also tried this in Postman with the requestor users, employee ftest, token with this user having also both OOB SAV ROLE_ADMIN and our custom admin SAV ROLE_ADMCOPY .
However, the result is same error message.
In our environment the SAV ROLE_ADMCOPY gives access to the API webservice_api_v5_cancelPendingRequest AND also haves any other necessary permission for this action selected in Feature Access, Web Service Access, Create Request Home Option, etc..
See below a picture of the url search within that sav role (obviously, the role has all the web service accesses but for the sake of this post I just highlighted this particular since it is the most relevant).
So even with full permissions, this is not working, not from Saviynt app in snow and not even from Postman.
Thanks already in advance.
BR,
Ella