Hi,
Assuming ..
Endpoint E has three account types 1, 2, 3.
A user X have three accounts on endpoint E : a1 (Account type 1), a2 (Account type 2), and a3 (Account type 3).
Account a1 have two entitlements of E1-1, E1-2
Account a2 has one entitlement of E2-1
Account a3 have two entitlements: E3-1, E3-3
There is an application role
R1 which have three entitlements : E1-1, E1-2, E1-3, E1-4.
R2 which have three entitlements : E2-1, E2-2, E2-3, E2-4.
R3 which have three entitlements : E3-1, E3-2, E3-3, E3-4.
Now, when user X is added to role membership of role R1, Add Access tasks will be created and entitlements will be assigned for account types a1, a2 and a3. Same is true for role R2 and R3
GOAL -
For R1 - entitlements need to be assigned ONLY for Account type 1, NOT to account type Account 2 and 3
For R2 - entitlements need to be assigned ONLY for Account type 2, NOT to account type Account 1 and 3
For R3 - entitlements need to be assigned ONLY for Account type 3, NOT to account type Account 1 and 2
How can we restrict the assignment of entitlement during role membership to only one particular account type, but not for other account types?
Thanks
