Create Remove Access Task -Entitlement Type as "Drop Down(Single)"

New Contributor
New Contributor

Hi Team

We have one Application that only supports a single role for each user, so we are using  Entitlement Type's request option as "Drop Down(Single)" so that we can restrict the user's Request

Can team help me to know, what extra configuration I should do, so that If the user tries to modify his existing role, Saviynt will create 2 tasks "RemoveAccess(old role) and AddAccess(NewRole)"?


Currently, it is only Creates only AddAccess(NewRole) task if the user trying to modify the role

PFA the configuration we have





I don't think there is any such setting to let user will submit only one role and when they request new one automatically removes old one. I will wait for others comment to see if that is possible.

But I would suggest couple of workarounds.

  1. See if you can achieve using request rules
  2. Handle in workflow such that
    • if user already have existing role try to reject the request
    • or see if you can use an action event(custom logic) to revoke existing roles then move forward with submission of request for new role -- Never tried, but just a thought
  3. Let the user submit the request for new role and use actionable analytics to remove old role from user profile



This is saviynt internal configuration. its not create tasks for revoke when entitlement type request option used as Drop Down.

Please share entitlement Type configuration page screenshot.

You can switch to application role