Saviynt Forums

c_d · ‎03/19/2024

Hi all,

Any solution to auto complete tasks without provisioning ?

Thank you!

PremMahadikar · ‎03/19/2024

Hi @c_d ,

- manually you can complete the task which will not be provisioned to target

- Another option

Set Automated Provisioning as Enabled
Leave Provisioning Connection empty
Run WSRETRY for the security system, it will auto-complete all pending tasks.

If this reply answers your question, please consider selecting Accept As Solution and hit kudos.

Best,
Prem Mahadikar

NM · ‎03/19/2024

Hi @c_d , you can explore instant provisioning option, keep the json empty and you don't have to create a separate provisioning job.

Saathvik · ‎03/19/2024

@c_d : Explain the use case to provide appropriate solution

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

rushikeshvartak · ‎03/19/2024

Use enhanced Query to complete task.

select taskkey as arstasks__primarykey,3 as arstasks__status from arstasks where taskkey=111;

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Olesia · ‎05/07/2024

Hi,

we have the same requirement and previously we used a "dummy" connector with an empty JSON ({}) but since 5.5 SP3.18 it stopped working for "Add access" and "Remove access" tasks. Saviynt Support confirmed that it is a bug and it should be fixed already (CSO-1919). But now we are on 24.4 and it still doesn't work for us.

Instant provisioning doesn't help.

We tried to clear the Provision connection as well and still the same result - the tasks are getting failed and not completed.

We tried also Enhancement query to assign a status 3 (completed) for tasks but it doesn't add a record to the account_entitlements1 table and the access is not considered as granted/revoked.

Anyone, who has any of the mentioned approaches working, could you please share what do you have in the Security System and in the connector's JSON?

Saathvik · ‎05/07/2024

@Olesia : Instead of empty JSON use dummy JSON which always gives success response.

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

rushikeshvartak · ‎05/07/2024

Which connector is used here ?

if its REST use below JSON

{
"name": "DirectoryRole",
"connection": "AutoComplete",
"url": "https://graph.microsoft.com/AutoApproveAddTask_DirectoryRole",
"httpMethod": "GET",
"httpParams": "",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Olesia · ‎05/13/2024

Hi,

Inline with other Forum questions we have the following observations:
1. Looks like the issue is with security systems being entitlements only, once removed that option it starts working as expected. https://forums.saviynt.com/t5/identity-governance/add-access-tasks-discontinued-with-message-quot-us...

2. We configured a dummy JSON which always gives success response. This time we do not receive "Error in provisioning: AccountID is mandatory" error but as our API sends a response (instead of null) we now get another error "USERNAME XXXXX is not associated with ACCOUNTNAME XXXXXXX" and the task is discontinued. https://forums.saviynt.com/t5/identity-governance/discontinued-tasks-with-quot-username-is-not-assoc...

Finally, we found a solution which better fits our requirements. If you need auto complete tasks without provisioning, instead of using a dummy REST connector - create a disconnected connection and select it as Provision Connection in your Security System. Provision job picks the tasks and completes them with reflection in account_entitlements1 table.

Saviynt Forums

Complete task without provisioning