Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Possible to have two separate entitlement types for AD groups?

Go to solution
IAM
New Contributor III
New Contributor III

‎02/27/2024 07:01 AM

Hello.

Is it possible, using maybe the endpoint filter within the AD connection, to have 2 separate entitlement types but both are AD groups?

The ask is that they have a dropdown to select between edit or read-only AD groups, then a table under that to select what region they need access to, which are also AD groups.

I know I can import AD groups using the endpoint filter but is there a way to separate the groups after that into separate entitlement types that way I can get 2 different tables?

Labels:
0 Kudos
5 REPLIES 5

Go to solution
AmitM
Valued Contributor
Valued Contributor

‎02/27/2024 07:25 AM

HI @IAM,

if you have a way to know which groups are read only or edit , which are regions . then update custom properties to store this info and use dynamic attributes to select entitlement that will match the selections.

Endpoint filter is to created child ENDPOINT not to create a different entitlement type.

Thanks,

Amit

If this answers your query, Please ACCEPT SOLUTION and give KUDOS.

0 Kudos

Go to solution
IAM
New Contributor III
New Contributor III
In response to AmitM

‎02/27/2024 07:53 AM

Yes I can add that info in the customproperty but I still need them in 2 different tables, I can't have them in the same table.

Endpoint filter was just an example because you list the memberOf entitlement type.

 

 

0 Kudos

Go to solution
AmitM
Valued Contributor
Valued Contributor
In response to IAM

‎02/27/2024 08:40 AM

I am not able to understand why you need it in two tables. Can you explain the use case? You can achieve it(Your use case) through dynamic attributes I think

0 Kudos

Go to solution
IAM
New Contributor III
New Contributor III
In response to AmitM

‎02/28/2024 09:39 AM

The reason is because the first table lets the user choose whether or not they are requesting a read only group or edit group. This would actually be a dropdown not a table.

Then the second table would be the region. Here I need to list dozens of groups they can select from.

I think what I'm going to do is create an application role and they can select readonly/edit from that, then the second table will be the region.

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star

‎02/27/2024 07:59 PM

Its not supported to have multiple entitlement type. Please raise idea ticket


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC