Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Does Azure connector support Nesting of security groups?

hirenp
New Contributor III
New Contributor III

‎04/24/2023 06:04 PM

Does Azure connector support nesting of security groups? Graph API does support the nesting of security groups but I did not see any configuration related to the same in connection Json.

 

{
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/groups",
"httpMethod": "Post",
"httpParams": "{\"description\": \"${roles.description==null || roles.description==''? roles.displayname : roles.description}\", \"displayName\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"groupTypes\": [\"${roles.customproperty21=='Office365'? 'Unified' : ''}\"], \"mailEnabled\": \"${roles.customproperty22 == '1' ? true : false}\", \"mailNickname\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"securityEnabled\": \"${roles.customproperty23 == '1' ? true : false}\",\"owners@odata.bind\": [\"${allOwner}\"]}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
}

hirenp_0-1682384606097.png

POST https://graph.microsoft.com/v1.0/groups/{group-id}/members/$ref
Content-type: application/json

{
"@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/{id}"
}

 

 

Labels:
0 Kudos
5 REPLIES 5

timchengappa
Saviynt Employee
Saviynt Employee

‎05/01/2023 06:21 PM

Hi @hirenp 

Azure AD connector currently does not support importing nested groups.

Alternatively, you can explore the option to use our REST connector which supports the importing of nested entitlements provided the API response is in the supported format.

Ref Doc: https://docs.saviyntcloud.com/bundle/REST-v23x/page/Content/Developers-Handbook.htm
Please see the 'mappingTypes" attribute definition for more details...

Ref Forum: https://forums.saviynt.com/t5/identity-governance/mapping-child-entitlements-in-importaccountentjson...

0 Kudos

hirenp
New Contributor III
New Contributor III
In response to timchengappa

‎05/01/2023 07:59 PM

This question was not about reconciliation but provisioning nest

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to hirenp

‎05/01/2023 08:01 PM

You can use standard REST Connector


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

hirenp
New Contributor III
New Contributor III
In response to rushikeshvartak

‎05/01/2023 08:07 PM

@rushikeshvartak  Do you know if saviynt Azure connector does not support nesting and hence you are recommending REST connector?

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to hirenp

‎05/01/2023 08:28 PM

Yes


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC