Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Dependent Entitlement Provisioning Based on Department

sureshkumar
New Contributor II
New Contributor II

Hi Team,

 

We have Requirement where we need to provision Entitlements based of Users Department 

We have 2 types of Entitlements Roles and Groups  and in Roles .

Roles has just one Entitlement called  Users

Groups these are more in numbers

Expectation , when request is rasied  for User(Role)  ,after Request is completed for users , we wanted to provision different groups for user based on Department 

Example -

user request for Role User with D1 - after D1 approval is completed and task completed -> add G1,G2 groups for user

user request for Role User with D2- after D2approval is completed and task completed -> add G3,G4 groups for user

We explored few option with help of forum 

1. use Request Rules  - this requires creation of multiple organization for each combination ,since we have many such combination , this becomes complex 

2. actionable analytics - this is not immediate after request , needs schedule and poll every time to see role is added

3.Entitlement MAP - we cannot use because of No direct dependency on Role 

Any other options ?

 

1 REPLY 1

stalluri
Valued Contributor II
Valued Contributor II

@sureshkumar 

Entitlement Map/Associated is not supported.

You can use Actionable analytics and trigger task and assign them. Configuring-Allowed-Actions 

  • Create Actionable analytics and assign and remove the access.
  • Schedule it in trigger chain of provisioning job.

Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.