Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Custom workflow is getting auto approved on remove requests

Suresh1
Regular Contributor
Regular Contributor

‎08/13/2024 08:09 AM

Hello Team,

I'm trying to develop a custom workflow where i need to check if ev.cp1='ABC' then, it should follow 2 level approval process, else it should go for 3 level approval. I have attached the WF screenshot here. Same workflow i have tested for new account with add access task (I have enabled Entitlements only flag in security system configs) and its working as expected without any issues for Add access/New account requests.

Also I have this option enabled in EP configs

Suresh1_2-1723561725846.png

Requests are getting auto approved for remove access and remove account requests. Any help here would be highly appreciable.

 

Suresh1_0-1723560831904.png

Suresh1_1-1723561612260.png

 

Labels:
0 Kudos
6 REPLIES 6

dgandhi
All-Star
All-Star

‎08/13/2024 08:19 AM

Did you attach any workflow over here for remove access?

dgandhi_0-1723562382133.png

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

0 Kudos

Suresh1
Regular Contributor
Regular Contributor
In response to dgandhi

‎08/13/2024 08:32 AM

Yes, Both Add and Remove having same workflow attached.

Suresh1_0-1723563147745.png

 

0 Kudos

NM
Esteemed Contributor
Esteemed Contributor
In response to Suresh1

‎08/13/2024 08:44 AM - edited ‎08/13/2024 08:50 AM

Hi @Suresh1 , can share a clear image of workflow .

Plus remove account request will get autoapproved, you need to handle it seperately. And remove access task will get created as you have enabled "dependent task" functionality in endpoint. It is an expected behaviour.


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'
0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Suresh1

‎08/13/2024 08:57 AM

Validate if it removes access / account task using below condition

Remove Access:

com.saviynt.ecm.workflow.Request_Access.get(Long.valueOf(requestaccesskey.toString())).requesttype == 2

rushikeshvartak_0-1723564612603.png

 

------

Remove Account  requestcounts.DELETE_ACC_REQUESTS_COUNT > 0

rushikeshvartak_1-1723564651592.png

 

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Suresh1
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎08/14/2024 12:48 PM

Hi @rushikeshvartak , i have tried the both syntaxes but no luck, It is getting me through till resource owner block and then gets approved, its not going to the access approval block (Third level approval).

Suresh1_1-1723664470430.png

 

 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Suresh1

‎08/14/2024 01:25 PM

Share logs in text file

  • check entitlement !=null

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos
Copyright © 2024 Khoros, LLC