This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Privilige Access under entitlement type?

Go to solution
ejeong
All-Star
All-Star

‎06/28/2023 07:46 PM

ejeong_0-1688006766646.png

Can anyone explain me what's use case of this feature? And how to configure it?

 

Labels:
0 Kudos
10 REPLIES 10

Go to solution
dgandhi
All-Star
All-Star

‎06/29/2023 09:57 AM

Details provided here:

https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter02-Identity-Repository/Viewi...

 

Privileges: Privileges are granular permissions defined on an entitlement. While requesting access for the entitlement through the access request system, users can add these privileges available for the entitlements. As an administrator, you can configure privileges at an entitlement type level so these would be available for each entitlement on the entitlement type group, for request.

Privileges are optional and are only meant for those applications whose access requires control of granular permissions for the users.

As an administrator, you can define more granular permissions on entitlement for an application and allow users to request these granular permissions when they request the entitlement.

For example, consider an application (Cloud Storage Application) that has entitlement types (Finance, Resources, and Projects), and the administrator wants to allow users to have specific granular access to the entitlements within these entitlement types. This granular access can be Read, Write, etc. permissions for the files within each of the (entitlement types) Finance, Resources, and Projects.

The administrator can create privileges (attribute type: boolean) as Read and Write under the Entitlement Types (Finance, Resources, and Projects), so the users can have granular access (privileges) Read and Write while requesting access to the entitlements.

https://forums.saviynt.com/t5/privileged-access-management/use-of-privileges-in-entitlement-type/m-p...

 

 

Thanks,
Devang Gandhi
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.

Go to solution
dgandhi
All-Star
All-Star

‎06/29/2023 10:02 AM

Example Screenshot:

dgandhi_0-1688058109894.png

 

Thanks,
Devang Gandhi
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.
0 Kudos

Go to solution
ejeong
All-Star
All-Star
In response to dgandhi

‎06/29/2023 04:09 PM

@dgandhi 

Can you show me how to configure this in connection level?

0 Kudos

Go to solution
dgandhi
All-Star
All-Star
In response to ejeong

‎06/29/2023 07:18 PM

This will be configured at the entitlement type? Are you asking what needs to be passed in the connection json?

 

Thanks,
Devang Gandhi
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.
0 Kudos

Go to solution
ejeong
All-Star
All-Star
In response to dgandhi

‎06/29/2023 07:55 PM

@dgandhi 

let's assume we want to use this for DB access - Write or Ready

How to define provision entitlement A - Read only in Add Access JSON? 

How to import account/ entitlement and making sure this account is member of Entitlement A with READ permission only? 

I want to understand how it works

0 Kudos

Go to solution
Manu269
All-Star
All-Star

‎06/29/2023 08:29 PM

Thanks @ejeong 

I was also looking for the same information. 

How this fine grained access will look for recon or provisioning?

@dgandhi Please add more inputs.

Manish Kumar
0 Kudos

Go to solution
prashantChauhan
Saviynt Employee
Saviynt Employee

‎06/30/2023 08:28 AM

Hi @ejeong 

Please check the below forum post. It should give you the clarification on this. 

https://forums.saviynt.com/t5/privileged-access-management/use-of-privileges-in-entitlement-type/m-p...

 

Thanks.

 

0 Kudos

Go to solution
ejeong
All-Star
All-Star

‎07/18/2023 06:53 PM

@prashantChauhan this doc isn't explaning about provisioning

0 Kudos

Go to solution
ejeong
All-Star
All-Star

‎07/19/2023 02:18 AM

Also I want to know if this is supported in REST connector now...

0 Kudos

Go to solution
prashantChauhan
Saviynt Employee
Saviynt Employee

‎07/21/2023 05:48 AM

@ejeong While provisioning for an entitlement having the Privilege attribute, there will be another button will be shown next to the selected entitlement which can be seen in the below screenshot. It will assign the requested entitlement along with the privilege value if supported by the target application after running the WSretry job.

khalidakhter_1-1686304064815.png

And No, we currently do not support privileges in the REST connector.

 

Copyright © 2023 Khoros, LLC