and more in a single search tool across platforms. Read the announcement here. |
03/19/2024 04:32 AM
Hi all,
Any solution to auto complete tasks without provisioning ?
Thank you!
03/19/2024 05:29 AM
Hi @c_d ,
- manually you can complete the task which will not be provisioned to target
- Another option
If this reply answers your question, please consider selecting Accept As Solution and hit kudos.
03/19/2024 07:22 AM
Hi @c_d , you can explore instant provisioning option, keep the json empty and you don't have to create a separate provisioning job.
03/19/2024 08:31 AM
03/19/2024 08:08 PM
Use enhanced Query to complete task.
select taskkey as arstasks__primarykey,3 as arstasks__status from arstasks where taskkey=111;
05/07/2024 06:31 AM
Hi,
we have the same requirement and previously we used a "dummy" connector with an empty JSON ({}) but since 5.5 SP3.18 it stopped working for "Add access" and "Remove access" tasks. Saviynt Support confirmed that it is a bug and it should be fixed already (CSO-1919). But now we are on 24.4 and it still doesn't work for us.
Instant provisioning doesn't help.
We tried to clear the Provision connection as well and still the same result - the tasks are getting failed and not completed.
We tried also Enhancement query to assign a status 3 (completed) for tasks but it doesn't add a record to the account_entitlements1 table and the access is not considered as granted/revoked.
Anyone, who has any of the mentioned approaches working, could you please share what do you have in the Security System and in the connector's JSON?
05/07/2024 08:11 AM
05/07/2024 07:24 PM
Which connector is used here ?
if its REST use below JSON
{
"name": "DirectoryRole",
"connection": "AutoComplete",
"url": "https://graph.microsoft.com/AutoApproveAddTask_DirectoryRole",
"httpMethod": "GET",
"httpParams": "",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
05/13/2024 08:21 AM
Hi,
Inline with other Forum questions we have the following observations:
1. Looks like the issue is with security systems being entitlements only, once removed that option it starts working as expected. https://forums.saviynt.com/t5/identity-governance/add-access-tasks-discontinued-with-message-quot-us...
2. We configured a dummy JSON which always gives success response. This time we do not receive "Error in provisioning: AccountID is mandatory" error but as our API sends a response (instead of null) we now get another error "USERNAME XXXXX is not associated with ACCOUNTNAME XXXXXXX" and the task is discontinued. https://forums.saviynt.com/t5/identity-governance/discontinued-tasks-with-quot-username-is-not-assoc...
Finally, we found a solution which better fits our requirements. If you need auto complete tasks without provisioning, instead of using a dummy REST connector - create a disconnected connection and select it as Provision Connection in your Security System. Provision job picks the tasks and completes them with reflection in account_entitlements1 table.