Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Does "Request to Disable Account" API supports other user accounts to Disable?

jsatish
Regular Contributor II
Regular Contributor II

Hi Team,

Does "Request to Disable Account" API supports other user accounts to Disable?. 

When i am trying to disable my own account for specific endpoint via "Request to Disable Account" API, it's creating the request but the request is submitted for the token users (API Authenticated). 

Here is the request body:

jsatish_0-1692344833121.png

Regards,
SJ

12 REPLIES 12

dgandhi
All-Star
All-Star

Yes, it depends on the user (and its associated sav role) with whom you are trying to perform this operation. If the user has the required sav roles/ permission then it should work. Are you facing any issue?

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

jsatish
Regular Contributor II
Regular Contributor II

Thanks for the response Devang. I am trying to submit the request for my self to disable the account, but when we use disable account API it shows requested for and requested by is same (Token User) which eventually cause failure of the task. 

My ID has ROLE_ADMIN access
Regards,
SJ

Have you tried below API mentioned on the document? The body that you are passing is different. Below works for me.

To use the API, enable below config at the endpoint level.

dgandhi_0-1692715250760.png

 

POSTRequest to Disable Account

{{url}}/ECM/{{path}}/createrequest

This API creates request for disabling account in SSM.

The Authorization must have Bearer followed by Token.

Mandatory params: requesttype - DISABLEACCOUNT accountnameendpoint

Optional params: requestorbusinessjustification

HEADERS
Authorization

Bearer {{token}}

Content-Type

application/json

Bodyraw
 
{
    "requestor": "admin",
    "endpoint": "AWS",
    "accountname": "000317",
    "requesttype": "DISABLEACCOUNT",
    "businessjustification": "test justification"
}

https://documenter.getpostman.com/view/20697337/2s93sgXWAt#5a951f04-a46b-48e8-a6b7-01b77d899dc5

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

jsatish
Regular Contributor II
Regular Contributor II

Yes, used the same API and request body as well.

Regards,
SJ

Body looks different as per the screenshot, you are passing username, SS

dgandhi_0-1692715727215.png

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

jsatish
Regular Contributor II
Regular Contributor II

With or without username it's stil same. Request For and Requested By (Token User)

Where are you passing below in your JSON?

 "requestor": "admin",

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

jsatish
Regular Contributor II
Regular Contributor II

if we don't pass the requetor it will take default requestor as a token user.

Then what is the issue?

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

jsatish
Regular Contributor II
Regular Contributor II

irrespective of the requestor, if i submit the request for Disable Account via API. Request is submitted successfully but only thing is

If request is submitted for self  "Requested For should be "My ID"  not the Token user or admin". But here requested for is updated as "Admin or Token User".

Regards,
SJ

This works as expected in v23.6 Make sure you are passing username in requestor field

rushikeshvartak_0-1692764942922.pngrushikeshvartak_1-1692764960895.png

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

jsatish
Regular Contributor II
Regular Contributor II

Thanks Rushikesh. Will verify this once the system is upgraded to V23.6