Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

RBAC in Saviynt

rgupta34
New Contributor
New Contributor

Hi,

Our clien tis currently having 3 level role model in SAP IDM (i.e. role -> activity -> authorization object) where roles are requestable for end users and SOD is defined at the activity level and authorization objects are provisioned in the application.

Can Saviynt have three levels in role heirarchy? I know enterprise/application role just allows mapping entitlements but is there any possibility or only role - entitlement model is supported in Saviynt

3 REPLIES 3

rushikeshvartak
All-Star
All-Star

Only role - Entitlement model is supported.

however sod can be defined at any level of entitlement as long as entitlement exists


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

rgupta34
New Contributor
New Contributor

Thanks! What are the disadvantages of using parent - child role model ? Can we do SOD checks, certifications at child role level?

  • SOD Checks are performed on Entitlement hence no issues.
  • Certification can be performed on child entitlement mapping

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.