We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Removal access task not generating while using Dropdown(single) request option in Endpoint role type

Happy333
New Contributor
New Contributor

We are trying to workout on the logic , when a new user is coming to ARS and selecting for a new role and submit for access, new role need to be assigned to user and existing role must be removed from the user.
When using Dropdown(single) option, the expectation is to create two tasks one for add access, another one for remove access. But we are observing that only add access task is getting generated. Remove access task not getting generated.

Vishnu333_0-1701344815572.png

Can you please advise what are the possible reasons for this issue. Application roles already tagged with valid entitlements.

8 REPLIES 8

SumathiSomala
All-Star
All-Star

@Happy333 once task is completed is existing role removed from the user?

Remove Role access when a Role is no longer | Saviynt Ideas Portal

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.

@SumathiSomala Nope, Only Add access task is getting created under the ARS request for the selected role.
No removal task is getting created for the existing role revocation. So, no role removal is happening.

@Happy333 It's an existing bug in Saviynt for Roles Dropdown(single) option

Remove Role access when a Role is no longer | Saviynt Ideas Portal

 

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.

@SumathiSomala Do you mean this is a bug in the version 5.5 SP3.20? If so, Is the solution available in any latest versions? I remember this option was used and working in the previous versions. 
As of now do you have any work around to suggest to achieve this requirement?
User need to get assigned new role, then existing role need to be revoked

@Happy333 This issue not yet resolved for Roles.

Working fine for entitlements

Workaround-Try request option as Table.

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.

@Happy333 : Nope this is not yet solved. Currently product doesn't remove existing role when request-option is single drop down in case of Roles(Enterprise or Application) unlike regular entitlements


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

rushikeshvartak
All-Star
All-Star

Does assigned from roles are populated for entitlement in order to remove entitlement. 

Enterprise roles should not be tagged to any applicaiton/Endpoint


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

This is a disconnected application set up. We are consuming AD or Azure entitlements reconciled to Saviynt tagged to application roles.
So, if a user needs to hold only the new role requesting and want to instantly revoke the existing role, this was an option. Hopefully the issue will be fixed soon and this option will be available for such requirement.