Click HERE to see how Saviynt Intelligence is transforming the industry. |
11/25/2023 07:07 AM
Is it possible to block users from requesting entitlement that belongs to only to their department?
I tried with the department filter but a user can select the entitlement even before selecting the department. which allows him to request for all entitlements, select the department later. and place a request. Any possible way to block users from doing this?
Please let me know if there's any possiblity.
11/25/2023 09:08 AM
@Saviynt_learner did you try with config for requrstable entitlements in ARS in entitlement type details page?
Sample:
ev. custompropertyx=='${departmentDA}'
entitlement custompropertyx should have department name
11/25/2023 09:32 PM - edited 11/26/2023 03:35 AM
Thank you for the answer. But even after enabling this feature, users can still choose departments multiple times and request for any entitlement they want in a single request. How can we prevent that from happening?
11/26/2023 08:47 AM
Problem is user can switch department and add entitlement correct ? If yes then only solution is you can add SoD or in wokflow you can validate department stored in entitlement if does not match with department in dynamic attributes then reject the entitlement