We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

How does Rules evaluation work for REST API created/updated users?

alc
Regular Contributor
Regular Contributor

Hello,

We will manage Saviynt users via Saviynt REST API. The API Spec mentioned checkrules is to control if the rules will be evaluated immediately (when checkrules is true) or or later (when checkrules is false ) for user creation or update.

Another parameter inlineruleevaluation (when checkrules is true) also do the same control of rules evaluation. 

My question is what is the difference between and checkrules and inlineruleevaluation ? Should I turn both of them to true or false?

My second question is what kind of rules will be evaluated? My understanding is all Technical rules are eligible to be evaluated, but only those User Update rules that have trigger action of create/udpated from API Calls will be evaluated. Is that right?

My third question is how can I create a User update rule that can be evaluated for users regardless how it is updated via import, ui or API call? this limitation will have to duplicate same rule for 3 times. how can we overcome this limitation?

My fourth question is should I use management API or should I use Request API? if there is no approval workflow needed, the request API is not necessary, right?

Any recommendation, advice and experience to share? Thanks a lot!

Thanks,

ALC

1 REPLY 1

adarshk
Saviynt Employee
Saviynt Employee

My question is what is the difference between and checkrules and inlineruleevaluation ? Should I turn both of them to true or false?
checkrules: true/ false. If true, then rules will be evaluated immediately, if false rules will be evaluated by a job. If checkrulesforapi configuration(true/false/null) is set in the configuration table, then it will take precendence over checkrules parameter.

inlineruleevaluation: true/ false. If true then rules will be evaluated immediately, if false rules will be evaluated by a job.
Note: Both checkrules and inlineruleevaluation need to be set as true for the user update rules to be evaluated immediately.

My second question is what kind of rules will be evaluated? My understanding is all Technical rules are eligible to be evaluated, but only those User Update rules that have trigger action of create/udpated from API Calls will be evaluated. Is that right?

Technical Rule evaluation for updates depends on the action selected, if the action is to execute for limited set of technical rules, you can choose execute selected technical rules and select the list of rules. If it needs to be evaluated for all, you can select Run all technical rules.
*If the technical rule is expected to execute for birthright, make sure you select 'Birthright' flag in the rule setup

My third question is how can I create a User update rule that can be evaluated for users regardless how it is updated via import, ui or API call? this limitation will have to duplicate same rule for 3 times. how can we overcome this limitation?
Currently, System only allows us to choose 1 trigger action for each rule. An indivudual User Update Rule needs to be setup for each trigger actions.

My fourth question is should I use management API or should I use Request API? if there is no approval workflow needed, the request API is not necessary, right?
You can setup through request API and set the Auto Approve workflow

For birthright rules you can refer the below article:
https://forums.saviynt.com/t5/lifecycle-policies-rules/implementing-birthright-rules-technical-rules...