Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

how to control the organization name in a Whom To Request

JPMac
Regular Contributor
Regular Contributor

We have a case where a third-party user makes an update user request.


However, if you select "Request For All" for the who to request, you can update all users.

There is also a risk that you can see users from other companies.

So, I want to control to request only users with the same organization name as the requestor using "request for self and users retrieved from advanced filter."

However, since organizationame is not included in the users table, the rules are not missing.

How can I satisfy the above controls?

 

1 REPLY 1

rushikeshvartak
All-Star
All-Star

[ {"for":"UpdateUserRequest","query":"select a from Users a where a.customproperty1 is not null and a.customproperty1 in ('VM') and a.id in (select userkey from Customer_Users where customerkey in (select customerkey from Organization_Owners where userkey = '${users.id}'))"} ]

rushikeshvartak_0-1713551743937.png

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.