Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Pre-populate Role metadata during provisioning

AG
Regular Contributor II
Regular Contributor II

‎10/23/2023 05:41 AM - last edited on ‎10/25/2023 01:33 AM by Community Manager

Hi All,

We have a requirement to read Role metadata during provisioning.

The Role will be assigned as birthright to the user and based on the metadata information we need to trigger account provisioning and populate the Role metadata attribute value to the endpoint.

Similarly, if a functional role is assigned to the user, then the metadata attributes of the functional role will take precedence and Saviynt needs to update these to the endpoint.

Looking for some guidance, if you have come across similar requirement and what are the options available from to fulfill this requirement.

Any pointers here?

[This message has been edited by moderator to merge reply comment]

1 person had this problem.
Labels:
0 Kudos
8 REPLIES 8

kmashwini
New Contributor III
New Contributor III

‎10/29/2023 10:39 PM

Hi ,

I am also facing same issue , Can any one support/assist on this. I tried with the following syntax but doesn't work

${task.assignedFromRole.customproperty1}

0 Kudos

prasannta
Saviynt Employee
Saviynt Employee

‎10/30/2023 06:45 AM

Hi @AG 

I'm checking on how this use case be achieved. Will check and confirm.

Thanks

0 Kudos

prasannta
Saviynt Employee
Saviynt Employee

‎11/01/2023 11:54 AM

Hi @AG 

The only way to fetch metadata values and pass it to endpoint would be using dynamic attributes i.e. requestAccessAttributes. But this will only work if the request is placed using ARS. For birthright provisioning, right now there is no way to pass role metadata. Alternate option would be to map values to entitlement values and pass those to account during provisioning.

Thanks

0 Kudos

AG
Regular Contributor II
Regular Contributor II
In response to prasannta

‎11/01/2023 08:53 PM

Hi @prasannta  - Thanks for the confirmation. Do you know if this will be included in future Saviynt releases? 

In our scenario, the application does not have any entitlements as such and the provisioning is driven by role metadata only.

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to AG

‎11/01/2023 08:58 PM

Without entitlement how role can be created ?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

AG
Regular Contributor II
Regular Contributor II
In response to rushikeshvartak

‎11/01/2023 09:11 PM

Hi @rushikeshvartak  - This is a birthright ER , it has entitlements for other endpoints. For the EP in question does not have any entitlement as such but we need to update EP attributes from Role metadata during provisioning.

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to AG

‎11/01/2023 09:30 PM

During role provisioning you want to populate endpoint metadata is that correct use case?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

AG
Regular Contributor II
Regular Contributor II
In response to rushikeshvartak

‎11/01/2023 09:59 PM

Assign Role (Birthright) -> Fetch Role metadata -> Provision EP with Role metadata values. If not possible OOTB , what are the recommended options?

0 Kudos
Copyright © 2024 Khoros, LLC