and more in a single search tool across platforms. Read the announcement here. |
11/13/2023 06:22 AM
We would like to know what is the process to detect (not assigned) the roles on IGA user profiles when user already has that entitlement/group on the endpoint/target system.
We have imported roles with entitlements attached using csv file option user-role association in IGA roles import process. But we dont see any roles are detected on user profiles eventhough they have endpoint entitlements. We have seen few IDM products which automatically detect those roles on the user profiles when user alreayd member of the entitlement and tied to role. Bu they show as detected not asisgned.
this is not the case with Saviynt and not showing role info on user profile. we are on 23.8 version. Please help me on this. Do we need to do any other configuration enabled to detect roles which are not assigned?
11/13/2023 10:50 AM
You need to have detective control report to find what roles user can have and map it to user.
Check under Account - Suggested role shows the any mapping
As per my info. there is no inbuilt functionality to detect and show possible role association. You can submit idea ticket for same
11/13/2023 12:45 PM
Thank you for your response. am not finding suggested roles tab on account profile. Do we need to enable anything on global configuration for this to show on account profile tabs.
11/13/2023 01:18 PM
This is not a valid solution. When you onboard an existing application, users are already assigned the entitlements in the target endpoint. If a user already is assigned ALL of the entitlements mapped to a newly created enterprise role, then they effectively have the role. This should be an OOTB feature. This forces us to have some other process to assign roles to users who technically already have the role.
11/13/2023 09:42 PM
@SureshPatike we had a similar case and we reached out to Ops team.
As we understood this feature is not inbuilt within EIC.
We ended up doing manual work for such role assisgnment.
Please create an idea and share for upvote.
11/14/2023 05:45 AM
will do that. thank you both.
what is that manual process you have followed? is this something we need to import roles with members through CSV file? if yes then could you please guide me to saviynt documentation.
We have many roles which has entitlements and user's accouts are already memberof. Suggest us easy process to get all of those roles mapped to users.