Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Logical Endpoint Entitlements Missing

Ches
New Contributor III
New Contributor III

Hi there,

A few days ago, I onboarded an endpoint, logically (A logical endpoint via the ENDPOINTS_FILTER route). This was using EntraID entitlements.

I have deployed various endpoints using this method, successfully.

There are a total of 16 entitlements within scope (All EntraID groups (AADGroup)), and as mentioned above, I have done this multiple times before so understand the process of doing so.

The logical endpoint has been deployed and is now visible, however there are only 15 entitlements being displayed under the endpoint. So there is 1 entitlement missing from the endpoint..

 

I initially thought perhaps there's a maximum limit of 15 entitlements for a logical endpoint, however after testing with a different endpoint and entitlements, I was able to see 20/20 entitlements displayed on the test application.

I have since checked and compared the missing 1 entitlement not displaying in the endpoint, with the other endpoints displaying correctly and I cannot find any difference in their configuration in EntraID or Saviynt.

 

If anyone has come across this, or has any suggestions, that would be great.

 

Thank you!

4 REPLIES 4

NM
Honored Contributor III
Honored Contributor III

Hi @Ches , do you see the entitlement in parent entitlement?

And does that entitlement follows under the filter applied?


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Ches
New Contributor III
New Contributor III

Correct, it's in the Parent Endpoint, displaying correctly.

NM
Honored Contributor III
Honored Contributor III

Okay in parent not in child endpoint .. do you see if job is failing? And can you also check if for an account reference accountkey is missing?


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Ches
New Contributor III
New Contributor III

This is now resolved.

Cause: A random trailing whitespace was added to the target entitlement name. However, the source system of the entitlement (EntraID) does not have this whitespace. This is a sperate issue in itself.

 

Fix: Include the trailing space in the entitlement names in the ENDPOINTS FILTER and then it displayed in the logical endpoint currectly.

 

Thanks for any attempted help @NM