Saviynt Forums

MT · ‎04/18/2024

Presently authoritative source is the AD (AD Connector) where all the user identities of the company is stored in a group and members of the group are imported to saviynt as identities. (As they do not have centralized HR system)
Second authoritative source is HR system (SuccessFactors via REST API) The purpose of integration is to manage the JML (Joiner, Mover, Leaver) process for one of the endpoints.
Given the presence of multiple authoritative sources within Saviynt, what are the critical points we need to ensure in the integration

Manu269 · ‎04/18/2024

@MT Few points :

1. I suggest to maintain an attribute at user level to identify the source.

2. Make sure the identity is unique across the 2 HR system

3. In case there is an ask to generate username or email, make sure you are adding proper logic

4. You mentioned about prov to endpoint, source can be one useful parameters

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

MT · ‎04/19/2024

@Manu269
Regarding the uniqueness of identity: In our process, we first receive information from the HR System. Then, accounts are provisioned in the endpoint, and subsequently, the information is synced to Active Directory (i.e., the other authoritative source). We will then receive the identity information again from AD.

We are planning to implement a filter during the reconciliation of identity information from AD to exclude users which we receive information from HR system by filtering based on domain name

Saviynt Forums

Multiple Authoritative source