Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Need information regarding dynamic attributes on Application Roles

SriRanga
Regular Contributor
Regular Contributor

‎12/06/2022 05:54 AM

Hi,

We had a requirement where we have one security system and multiple end points under the same security system. User will get access from the from the Application Roles and not from the individual Entitlements.

If we have 4 applications roles under one single endpoint,

App Role1- User can request any 1 out of 4 roles

App Role2-User can request any 1 out of 4 roles

App Role3-User can request any 1 out of 4 roles

App Role4-User can request any 1 out of 4 roles

For the first time user need to select only 1 roles from the 4 application roles and once the users had selected the 1 roles for the modification user should not able to get access to the any other roles from the same endpoint.

 

Can some one let me know how can we achieve this requirement.

Regards,

Sri Ranga

Labels:
0 Kudos
3 REPLIES 3

rushikeshvartak
All-Star
All-Star

‎12/06/2022 05:56 AM

  • You can make Application role as single select /Dropbox
  • SOD can be implemented

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

SriRanga
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎12/06/2022 06:02 AM - edited ‎12/06/2022 06:02 AM

@rushikeshvartak If we make application role as single or dropbox  when the user try to add the second role from the same endpoint user can able add and submit the request or user will not able to see  any other roles after he got access from role 1.

If we have  SOD  in place it says violation found but still user can submit the request for the second Role correct me if I am wrong

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to SriRanga

‎12/06/2022 07:49 PM

for SOD - You can implement Auto Reject in Workflow.

In Single Select old role will be removed when role 2 is request role 1 will be removed


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC