Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Firefighter ID grant and revoke access JSON

Dorota_P
New Contributor II
New Contributor II

Hi,

do you have any materials that describe in details how Firefighter module is configured and how it works for FF password generation? The documentation in the portal is very poor and tells absolutely nothing about this configuration. We tried to change regex for SAP system couple of times already as Saviynt keeps on trying to create password that starts with "?" or "!" ( which are not allowed by SAP https://me.sap.com/notes/0002833934 ). We got to know that for FF password is generated not using password policy but is randomly generated as per configuration in FIREFIGHTERID_GRANT_ACCESS_JSON and FIREFIGHTERID_REVOKE_ACCESS_JSON. We updated jsons  from   "httpParams": "{\"NewPassword\" : \"${password}\"}",) to  "httpParams": "{\"NewPassword\" : \"${randomPassword.startsWith('?')?randomPassword.replaceFirst('?','0'):randomPassword.startsWith('!')?randomPassword.replaceFirst('!','1'):randomPassword}\"}",

but still Saviynt is generating password with "?" or "!"

Dorota_P_0-1693562602454.png

Saviynt constantly tries to provision the task using this incorrect password, shows no provisioning tries and task is never disappearing from pending task list. It's not happening for all FF tasks, but still is causing us lots of issues and leads to escalations.

 

Is there anybody who is an expert in FF module and can guide us?

[Posted 9/05/2023]
Do you have any REGEX that is not generating passwords with ? or ! and is not allowing to generate pw with three same characters at the beginning? We tried to use ^(?!.*[!?])(?!(.)\1{2})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@$%#*&]).{12,20}$  that matches our expectations but Saviynt is not generating any FF tasks because of this regex.

[This message has been edited by moderator to merge reply comment]

2 REPLIES 2

DaanishJawed
Saviynt Employee
Saviynt Employee

Hi @Dorota_P ,

Looks like the issue is not with the regex but the JSONs not evaluating the regex at all.

We have checked the issue with the team internally and are currently working with the team.

Please track all the updates on the FD ticket - https://saviynt.freshdesk.com/a/tickets/1668692

Thanks.

Hello,

 

Did you get any documentation on how to configure FFID? WE are unable to see 3 dots when we go to tile Request Emergency Access ID. There is no documentation to configure FFID