Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAV Roles: Accounts and Entitlements not showing

Go to solution
cgarwood
New Contributor III
New Contributor III

‎02/22/2023 12:49 PM

I am trying to create a handful of custom Sav roles that align to how my organization uses Saviynt. I have been unable to get identity repository items to display correctly. I want to be able to grant read-only access to entitlements and accounts for some non-admin users. It currently only shows those which the logged in user owns rather than the full lists of all entitlements and all accounts. I have not been able to get these lists to populate outside of the ROLE_ADMIN sav role.

Is it possible to build a sav role that enables this access?

Labels:
0 Kudos
2 REPLIES 2

Go to solution
Darshanjain
Saviynt Employee
Saviynt Employee

‎02/24/2023 01:06 AM

Yes you should be able to do it, for reference you can create a role admin copy and make it read only, you should be able to view all users ,accounts and entitlements and then based on ur requirements you can remove some access which are not needed.

More info:

https://docs.saviyntcloud.com/bundle/SSM-Admin-v55x/page/Content/Chapter09-SAV-Roles/Understanding-t...

0 Kudos

Go to solution
cgarwood
New Contributor III
New Contributor III

‎03/02/2023 11:35 AM

I confirmed that the issue I was having was that the new role needed to be added to each connection so that objects that were not owned by the logged in user would be visable. Adding the endpoint in the SAV role itself was not enough to enable this visibility. The reason it worked with ROLE_ADMIN is because that is added to all connections by default.

0 Kudos
Copyright © 2024 Khoros, LLC