We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Need information regarding dynamic attributes on Application Roles

SriRanga
Regular Contributor
Regular Contributor

Hi,

We had a requirement where we have one security system and multiple end points under the same security system. User will get access from the from the Application Roles and not from the individual Entitlements.

If we have 4 applications roles under one single endpoint,

App Role1- User can request any 1 out of 4 roles

App Role2-User can request any 1 out of 4 roles

App Role3-User can request any 1 out of 4 roles

App Role4-User can request any 1 out of 4 roles

For the first time user need to select only 1 roles from the 4 application roles and once the users had selected the 1 roles for the modification user should not able to get access to the any other roles from the same endpoint.

 

Can some one let me know how can we achieve this requirement.

Regards,

Sri Ranga

3 REPLIES 3

rushikeshvartak
All-Star
All-Star
  • You can make Application role as single select /Dropbox
  • SOD can be implemented

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

@rushikeshvartak If we make application role as single or dropbox  when the user try to add the second role from the same endpoint user can able add and submit the request or user will not able to see  any other roles after he got access from role 1.

If we have  SOD  in place it says violation found but still user can submit the request for the second Role correct me if I am wrong

for SOD - You can implement Auto Reject in Workflow.

In Single Select old role will be removed when role 2 is request role 1 will be removed


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.