Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

In approval workflow for create user from saviynt UI , we need to select approver as users manager f

tpawle
New Contributor III
New Contributor III

‎05/15/2023 02:35 AM

In approval workflow for create user from saviynt UI , we need to select approver as users manager from request form (manager as daynamic attribute) request based on a request attribute.

we have an use case for which we have implemented a create user request form in which the user manager can be selected from a dropdown list.The formate of the manager value from the drop down list is username:Firstname,lastname for example= "10010:Tejas,Pawle"

use case 1 = If the create user form is completed by the user (Requestor) with SAV_Role as IAM/ADMIN operator, the approver of the request is the business sector (manager/delegate).Beneficiary users manager.

use case 2 = If the create user form is completed by the business sector user with SAV_ROLE as (manager/delegate), the approver of the request is the user with SAV_Role as IAM / ADMIN operator.

so , for this i have created one workflow with if condition and with custom query approach. Use case 2 is working fine but i am facing the issue in use case 1. When executed the use case 1 the request is re-routed to the admin user instead users manager.

as per the refrence from the forum and details mentioned in below tikcet : https://forums.saviynt.com/t5/identity-governance/approval-workflows-select-approver-for-a-create-us...

select distinct case when raa1.ATTRIBUTE_NAME='manager' then (select userkey
from users
where userkey in
(select distinct raa.attribute_value as userkey
from request_access_attrs raa , ars_requests ar, request_access ra
where ar.REQUESTKEY = ra.REQUESTKEY and ra.REQUEST_ACCESSKEY = raa.REQUEST_ACCESS_KEY
and ar.requestkey=${ARSREQUEST.id} and raa.ATTRIBUTE_NAME='manager')) else users.manager END as userkey
from users, request_access_attrs raa1,ars_requests ar1,request_access ra1
where ar1.REQUESTKEY = ra1.REQUESTKEY AND ra1.REQUEST_ACCESSKEY = raa1.REQUEST_ACCESS_KEY and ar1.requestkey=${ARSREQUEST.id} and ra1.userkey=users.userkey AND ra1.status=1


I have used the below mentioned query but still the request is routed to Admin for the approval instead of Users manager.

Any refrence how we can use the daynamaic attribute value as a approver from create user form ?

 

Please find the attached approval workflow , daynamic attribute screen shot for reffrence. 

 

tpawle_0-1684143023086.pngtpawle_1-1684143119164.pngtpawle_2-1684143190388.png

 

 

 

Labels:
Preview file
117 KB
Preview file
27 KB
Preview file
29 KB
0 Kudos
1 REPLY 1

sudeshjaiswal
Saviynt Employee
Saviynt Employee

‎05/17/2023 09:09 PM

Hello @tpawle,

In your USE CASE 1: - 
Is the approver the same as the requestor?"
If the Requestee has the SAV_Role as IAM/ADMIN and does not have the manager/delegate value, by default the approval will be rerouted to admin.
Could you please confirm if the requester has these values?

sudeshjaiswal_0-1684382869288.png

 

 

If you find the above response useful, Kindly Mark it as "Accept As Solution".
0 Kudos
Copyright © 2024 Khoros, LLC