We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

How could we make User groups to be able to request for specific applications?

KasperT
New Contributor III
New Contributor III

We have Application and Entitlement owner user groups and those should be able to request for specific applications for any user with the Request for others feature. 

We are using Access queries in endpoints to limit visibility. We are not able to use requestor and requestee attributes as we are using enhanced catalog. 

Is there a way that we can bypass the Access queries for these user groups or something to make this work?

6 REPLIES 6

dgandhi
All-Star
All-Star

What is the query that you are trying?

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

KasperT
New Contributor III
New Contributor III

The query it self is not the issue here and it can be different in different endpoints. We need to bypass it for the group members so they can request for all users regardless if they meet the access query requirements or not. 

adriencosson
Regular Contributor III
Regular Contributor III

Hi @KasperT ,

I had a similar issue. As written in the below post, the "requestor" dynamic variable is not accessible in Access Query unless you set the "Enhanced Application Request" is set to "No".

You can find a working query there.

https://forums.saviynt.com/t5/identity-governance/access-query-restriction-based-on-requestor-sav-ro...

Let us know if you need guidance on how to write the query for user groups.

Regards,
Adrien COSSON

KasperT
New Contributor III
New Contributor III

Thanks but this does not help here. As I said in the post we are using the enhanced catalog and I am aware that we can set it to "No" but that does not help with the issue.

adriencosson
Regular Contributor III
Regular Contributor III

@KasperT, Sure I totally understand your issue.

Unfortunately as of now the requestor / requestee dynamic variables are not exposed in Access Query when using Enhanced Application request.

I have brought this up as an idea to Saviynt here that you can upvote  : https://ideas.saviynt.com/ideas/EIC-I-4916 

Regards,
Adrien COSSON

DixshantValecha
Saviynt Employee
Saviynt Employee