Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAV Role - Restrictions to Web Service Access permissions for API Account

Go to solution
ArW
New Contributor III
New Contributor III

‎09/12/2024 12:13 AM

Hello,

When giving permissions to a user by a SAV Role, the access is conditioned by the user's ownership of objects in Saviynt.

For example, even if a user has access to 
Home > Manage Entitlements > Update Existing Entitlements, thanks to a SAV Role, the user can only list and update entitlements that he is the owner of. 

This is however not the case for Web Service Access.
When providing a new API user the permission webservice_apii_v5_getEntitlements via a SAV Role, even if the account has no ownership of any entitlement or endpoint, he is still able to request all entitlements from all endpoints.

Is it possible to restrict access for API accounts so that they could only be allowed to request entitlements for a specific endpoint or entitlements they are an owner of ?

Thank you

Labels:
0 Kudos
1 REPLY 1

Go to solution
rushikeshvartak
All-Star
All-Star

‎09/12/2024 09:13 AM

Currently its not supported raise idea ticket


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
Copyright © 2024 Khoros, LLC