Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

REST entitlement hierarchy management from a folder structure

soumya_deep
New Contributor
New Contributor

‎04/04/2023 04:43 AM

Hi All,

We have a requirement wherein we have to import entitlements which are present in the target as folders. So basically in target it is like Folder1(main entitlement)-> SubFolder1 (entitlement), SubFolder2 (entitlement), SubFolder3 ((entitlement) .... SubFoldern (entitlement) -> SubSubFolder1(entitlement), SubSubFolder2 (entitlement) .... n and we have to import this hierarchy in Saviynt and map them to the accounts till the nth level. Is there any limitation on the parent child entitlement hierarchy that we can import using the REST connector and map them accordingly to the accounts? Also, while requesting can we show this hierarchy structure? Please share some sample jsons, if handy.

Labels:
0 Kudos
1 REPLY 1

timchengappa
Saviynt Employee
Saviynt Employee

‎04/10/2023 12:01 PM

Hi @soumya_deep 

You should be able to achieve this requirement provided you have an API for each layer of the hierarchy as below. 
API1: Gives you relationships of Folder1(main entitlement) to all its child entitlements (all SubFolder1 entitlements...
Main Folder 1 Ent1: (SubFolder1_Ent1, SubFolder1_Ent2, SubFolder1_Ent3.....)
Main Folder 2 Ent2: (SubFolder1_Ent1, SubFolder1_Ent2, SubFolder1_Ent3.....)

API2: Gives you relationships for each entitlement in SubFolder1 to all its child entitlements (all SubFolder2 entitlements etc.

Main Folder 1 Ent1 SubFolder1_Ent1: (SubFolder2_Ent1, SubFolder2_Ent2, SubFolder2_Ent3...)
Main Folder 2 Ent1 SubFolder1_Ent1: (SubFolder2_Ent1, SubFolder2_Ent2, SubFolder2_Ent3...)

You can either map and maintain the relationship in Saviynt entitlement2(ENT2) table or in the entitlementmap(ENTMAP) table depending on whether you want to create and provision tasks when parent entitlement has been requested. 

Sample Snip of Saviynt JOSN

"listField": "",
"ent1IdPath": "_fields.Role",
"ent2IdPath": "_fields.SecurityClass",
"ent2KeyField": "entitlementID",
"targetEntType": "SecurityClass",
"mappingTypes": [
"ENT2"
],

ENTMAP - enables bi-directional mapping through entitlementmap.
ENT2 - makes the target entitlement type a child of current entitlement.

Ref: https://docs.saviyntcloud.com/bundle/Thycotic-v2022x/page/Content/Understanding-the-Integration-betw...

0 Kudos
Copyright © 2024 Khoros, LLC