Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Level 1 and Level 2 entitlements Use Case

sreehariv
New Contributor III
New Contributor III

‎08/08/2022 02:12 AM

Hello  Saviynt Team,

We have below requirement and would like to know further information on implementing the same.

Application (Endpoint): XYZ
This endpoint contains 2 entitlement types:
1. Group
2. Rights
Under each entitlement type, there are few entitlements. For example
 
Entitlement type: Group
Entitlement: analytics, payroll
 
Entitlement type: Rights
Entitlement: Read, Write, Delete
 
 
In the target application, account’s access is determined using a combination of entitlements from Group and Rights entitlement types. For example, Account A has following access:
 
Group Entitlement Type:                     Rights Entitlement type:
Analytics                                                   Read
Payroll                                                       Read, Write
 
In this example:
account has “Read” rights on “Analytics” group
 
account has “Read + Write” rights on “Payroll” group
 
 
How can we represent this kind of relationship in Saviynt?
We would want to depict that
- account has Analytics entitlement (type=group) & within Analytics, has Read entitlement (type=rights)
 
- account has Payroll entitlement (type=group) & within Payroll, had Read + Write entitlements (type=rights)
0 Kudos
1 REPLY 1

rushikeshvartak
All-Star
All-Star

‎08/08/2022 04:15 AM

This information should come from target. Let's consider even if you used application role you won't be able to achieve in saviynt.

Example Role : Account Read 

Payroll read

Here entitlement is read already assigned so it will be hard to find & revoke read entitlement


Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.
0 Kudos
Copyright © 2024 Khoros, LLC