Click HERE to see how Saviynt Intelligence is transforming the industry. |
02/27/2024 07:01 AM
Hello.
Is it possible, using maybe the endpoint filter within the AD connection, to have 2 separate entitlement types but both are AD groups?
The ask is that they have a dropdown to select between edit or read-only AD groups, then a table under that to select what region they need access to, which are also AD groups.
I know I can import AD groups using the endpoint filter but is there a way to separate the groups after that into separate entitlement types that way I can get 2 different tables?
Solved! Go to Solution.
02/27/2024 07:25 AM
HI @IAM,
if you have a way to know which groups are read only or edit , which are regions . then update custom properties to store this info and use dynamic attributes to select entitlement that will match the selections.
Endpoint filter is to created child ENDPOINT not to create a different entitlement type.
Thanks,
Amit
If this answers your query, Please ACCEPT SOLUTION and give KUDOS.
02/27/2024 07:53 AM
Yes I can add that info in the customproperty but I still need them in 2 different tables, I can't have them in the same table.
Endpoint filter was just an example because you list the memberOf entitlement type.
02/27/2024 08:40 AM
I am not able to understand why you need it in two tables. Can you explain the use case? You can achieve it(Your use case) through dynamic attributes I think
02/28/2024 09:39 AM
The reason is because the first table lets the user choose whether or not they are requesting a read only group or edit group. This would actually be a dropdown not a table.
Then the second table would be the region. Here I need to list dozens of groups they can select from.
I think what I'm going to do is create an application role and they can select readonly/edit from that, then the second table will be the region.
02/27/2024 07:59 PM
Its not supported to have multiple entitlement type. Please raise idea ticket