Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

How can we prevent certain type of users from logging into saviynt and prevent submitting of request

venkat
New Contributor III
New Contributor III

We have a use case where we need to prevent a contractor having customproperty11 like 'GXXXX' from logging in to saviynt and be able to submit requests for access.  

how do we achieve this.  we tried using role user and put the below in whom to request

hql json

[{"for":"RequestAccessforOthers,RequestAccessOthersMultiUser,UpdateUserRequest,RequestEnterpriseRoles,ViewExistingAccess","query":"select a from Users a where a.username not in ('admin','SaviyntSupportAgent1','SaviyntSupportAgent2','SaviyntSupportAgent3','systemadmin') and (a.customproperty11 not like 'GXXXX' or a.customproperty11 is null) and a.statuskey = 1"}]

 

But they can submit using request for self and also submit request for enterprise role

 

we need to limit their ability to submit request

2 REPLIES 2

rushikeshvartak
All-Star
All-Star
  • Can you share logs 
  • Solution : Don't assign any sav role to contractors

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Amit_Malik
Valued Contributor II
Valued Contributor II

Hi @venkat , I might have misunderstood your use case. If you don't want them to login to Saviynt and request access, why you need them in Saviynt.

If you need them in Saviynt for some reason, don't assign a sav role.

 

Kind Regards,
Amit Malik
If this helped you move forward, please click on the "Kudos" button.
If this answers your query, please select "Accept As Solution".