Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Request Option(Drop Down(Single)) of Entitlement Type - remove only previously requested access

ghrk
New Contributor
New Contributor

‎06/24/2024 05:39 AM

Hi,

An endpoint has three entitlements ENT1, ENT2, ENT3.
ENT1 is a birthright access for all the users and assigned to all the users using technical rules
ENT2 and ENT2 are requestable.

We have a requirement, when user requests for ENT2 then user should get ENT2 and ENT1 should not be removed., now user have ENT1 and ENT2
When user requests for ENT3 then ENT3 should be assigned and only ENT2 should be removed i.e now user should have ENT1 and ENT3

We tried using Request Option(Drop Down Single), it removes all the existing access and assign only the newly requested access. It does not keep the birthright access.
Can you please share the configuration to achieve this usecase

Thanks

0 Kudos
6 REPLIES 6

naveenss
All-Star
All-Star

‎06/24/2024 05:44 AM

Hi @ghrk is the below parameter under the entitlement type is turned on?

Exclude Entitlements Assigned via Rule while Request

 

Regards,
Naveen Sakleshpur
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.
0 Kudos

NM
Honored Contributor II
Honored Contributor II

‎06/24/2024 06:02 AM

Hi @ghrk , toggle the button to on for config

"Exclude Entitlements Assigned via Rule while Request".. as entitlement assigned via rule will have seperate column filled in table.

0 Kudos

rushikeshvartak
All-Star
All-Star

‎06/24/2024 08:53 PM

 

Use request option as Table instead of Drop-Down

 

@NM  @naveenss  FYI - Its just used for hiding 

Exclude Entitlements Assigned Via Rule While Request

Set to Yes if you want to exclude the mapped entitlement values in the request when the user selects the parent entitlement.

Set to No if you want to disable excluding the mapped entitlement

values of the parent entitlement.

Refer https://docs.saviyntcloud.com/bundle/KBAs/page/Content/Birthright-accesses-are-not-shown-in-the-Sele... 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

NM
Honored Contributor II
Honored Contributor II

‎06/25/2024 01:58 AM

Hi @rushikeshvartak , Thanks for the info, but are you stating it is used in the case of request filter?

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to NM

‎06/25/2024 10:21 AM

Request filter just used for Show and Hide and not to prevent task removal.

  • In JSON you can specify if entitlement cp1= BIRTHRIGHT then don't remove access.

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

GSR
Regular Contributor
Regular Contributor

‎06/25/2024 09:30 AM

Hello  @ghrk 

you can use enhanced query to ignore removal tasks related to ET1, setup trigger chain job with enhanced query job preceding WSRETRY job

Thanks

0 Kudos
Copyright © 2024 Khoros, LLC