02/24/2023 12:52 PM
Hi Team,
For Azure AD Integration able to import all the Entitlement Types as per Saviynt Documentation.
But as per Application Team the requirement to import and assign Azure Roles. Couldn't find anything regarding Azure Roles in documentation.
Is Azure AD Connector supports Import/Provisioning of Azure Roles? Is there any steps or documentation for the same?
Regards,
Soumya.
02/24/2023 07:15 PM
Is it different from directoryRole?
You can check docs what entitlement type is supported in ootb connector. Otherwise, you need to import with rest connector
03/24/2023 11:37 AM
For all user operations AzureAD uses graph APIs which work fine.
But for Azure Roles it is not supported by graph API. It uses separate management.azure.com API.
E.g: https://management.azure.com/subscriptions/{{subscriptionId}}/providers/Microsoft.Authorization/role...()
Documentation link: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
For this we need separate Rest API again to manage Azure Roles only.
So the question: Is it possible to use 2 Connections for a single Endpoint for Recon and Provisioning? Is there any way we can configure it? Can you check once with Azure AD Connector Team how it can be achievable..it might have done with other customers?