and more in a single search tool across platforms. Read the announcement here. |
02/02/2024 06:34 AM - edited 02/02/2024 06:43 AM
Hello,
We will manage Saviynt users via Saviynt REST API. The API Spec mentioned checkrules is to control if the rules will be evaluated immediately (when checkrules is true) or or later (when checkrules is false ) for user creation or update.
Another parameter inlineruleevaluation (when checkrules is true) also do the same control of rules evaluation.
My question is what is the difference between and checkrules and inlineruleevaluation ? Should I turn both of them to true or false?
My second question is what kind of rules will be evaluated? My understanding is all Technical rules are eligible to be evaluated, but only those User Update rules that have trigger action of create/udpated from API Calls will be evaluated. Is that right?
My third question is how can I create a User update rule that can be evaluated for users regardless how it is updated via import, ui or API call? this limitation will have to duplicate same rule for 3 times. how can we overcome this limitation?
My fourth question is should I use management API or should I use Request API? if there is no approval workflow needed, the request API is not necessary, right?
Any recommendation, advice and experience to share? Thanks a lot!
Thanks,
ALC
02/04/2024 09:58 PM
My question is what is the difference between and checkrules and inlineruleevaluation ? Should I turn both of them to true or false?
checkrules: true/ false. If true, then rules will be evaluated immediately, if false rules will be evaluated by a job. If checkrulesforapi configuration(true/false/null) is set in the configuration table, then it will take precendence over checkrules parameter.
inlineruleevaluation: true/ false. If true then rules will be evaluated immediately, if false rules will be evaluated by a job.
Note: Both checkrules and inlineruleevaluation need to be set as true for the user update rules to be evaluated immediately.
My second question is what kind of rules will be evaluated? My understanding is all Technical rules are eligible to be evaluated, but only those User Update rules that have trigger action of create/udpated from API Calls will be evaluated. Is that right?
Technical Rule evaluation for updates depends on the action selected, if the action is to execute for limited set of technical rules, you can choose execute selected technical rules and select the list of rules. If it needs to be evaluated for all, you can select Run all technical rules.
*If the technical rule is expected to execute for birthright, make sure you select 'Birthright' flag in the rule setup
My third question is how can I create a User update rule that can be evaluated for users regardless how it is updated via import, ui or API call? this limitation will have to duplicate same rule for 3 times. how can we overcome this limitation?
Currently, System only allows us to choose 1 trigger action for each rule. An indivudual User Update Rule needs to be setup for each trigger actions.
My fourth question is should I use management API or should I use Request API? if there is no approval workflow needed, the request API is not necessary, right?
You can setup through request API and set the Auto Approve workflow
For birthright rules you can refer the below article:
https://forums.saviynt.com/t5/lifecycle-policies-rules/implementing-birthright-rules-technical-rules...