Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Removal access task not generating while using Dropdown(single) request option in Endpoint role type

Happy333
New Contributor
New Contributor

‎11/30/2023 03:48 AM

We are trying to workout on the logic , when a new user is coming to ARS and selecting for a new role and submit for access, new role need to be assigned to user and existing role must be removed from the user.
When using Dropdown(single) option, the expectation is to create two tasks one for add access, another one for remove access. But we are observing that only add access task is getting generated. Remove access task not getting generated.

Vishnu333_0-1701344815572.png

Can you please advise what are the possible reasons for this issue. Application roles already tagged with valid entitlements.

Labels:
0 Kudos
8 REPLIES 8

SumathiSomala
All-Star
All-Star

‎11/30/2023 04:32 AM - edited ‎11/30/2023 04:33 AM

@Happy333 once task is completed is existing role removed from the user?

Remove Role access when a Role is no longer | Saviynt Ideas Portal

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.
0 Kudos

Happy333
New Contributor
New Contributor
In response to SumathiSomala

‎12/04/2023 05:49 AM

@SumathiSomala Nope, Only Add access task is getting created under the ARS request for the selected role.
No removal task is getting created for the existing role revocation. So, no role removal is happening.

0 Kudos

SumathiSomala
All-Star
All-Star
In response to Happy333

‎12/04/2023 05:54 AM

@Happy333 It's an existing bug in Saviynt for Roles Dropdown(single) option

Remove Role access when a Role is no longer | Saviynt Ideas Portal

 

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.
0 Kudos

Happy333
New Contributor
New Contributor
In response to SumathiSomala

‎12/04/2023 06:13 AM

@SumathiSomala Do you mean this is a bug in the version 5.5 SP3.20? If so, Is the solution available in any latest versions? I remember this option was used and working in the previous versions. 
As of now do you have any work around to suggest to achieve this requirement?
User need to get assigned new role, then existing role need to be revoked

0 Kudos

SumathiSomala
All-Star
All-Star
In response to Happy333

‎12/04/2023 06:28 AM - edited ‎12/04/2023 07:36 AM

@Happy333 This issue not yet resolved for Roles.

Working fine for entitlements

Workaround-Try request option as Table.

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.
0 Kudos

sk
All-Star
All-Star
In response to Happy333

‎12/04/2023 07:33 AM

@Happy333 : Nope this is not yet solved. Currently product doesn't remove existing role when request-option is single drop down in case of Roles(Enterprise or Application) unlike regular entitlements


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.
0 Kudos

rushikeshvartak
All-Star
All-Star

‎12/04/2023 07:40 AM

Does assigned from roles are populated for entitlement in order to remove entitlement. 

Enterprise roles should not be tagged to any applicaiton/Endpoint


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Happy333
New Contributor
New Contributor
In response to rushikeshvartak

‎12/08/2023 12:19 AM

This is a disconnected application set up. We are consuming AD or Azure entitlements reconciled to Saviynt tagged to application roles.
So, if a user needs to hold only the new role requesting and want to instantly revoke the existing role, this was an option. Hopefully the issue will be fixed soon and this option will be available for such requirement.

0 Kudos
Copyright © 2024 Khoros, LLC