Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Sav4Sav RemoveAccountJSON Functionality

BG_IAM
New Contributor III
New Contributor III

‎10/03/2024 05:53 AM

Hello,

I’ve noticed some discrepancies in the Sav4Sav RemoveAccountJSON. I came across both topics in the forum that partially address my concerns but don’t fully clarify everything.

https://forums.saviynt.com/t5/identity-governance/sav4sav-removeaccountjson-default-values-wrong/m-p...

https://forums.saviynt.com/t5/identity-governance/sav4sav-removeaccountjson-not-working/m-p/61483

I see that the documentation regarding the statuskey has been updated. Previously, it was:

 

"httpParams": "{\"username\":\"${user.username}\",\"statuskey\":\"1\"}"

 

Now, it reads:

 

"httpParams": "{\"username\": \"${user.username}\",\"statuskey\": \"${user.statuskey}\"}"

 

As a result, all operations using different definitions for statuskey are targeting USER STATUS rather than the Saviynt account status.

Let’s consider a scenario where a USER (Identity) must be ACTIVE, but their account in Saviynt should be INACTIVATED—logging in would not be possible in this case. I understand that by using the suggested RemoveAccountJSON definition and calling the API: /ECM/api/v5/updateUser, the Saviynt user and Saviynt account are associated.

To summarise, is it correct that keeping the USER (Identity) active without a Saviynt account is only feasible when no SAV role is assigned?

Thank you!

Labels:
0 Kudos
3 REPLIES 3

pmahalle
All-Star
All-Star

‎10/03/2024 06:02 AM

@BG_IAM ,

Can you elaborate more on your business use case? Do you want user active and account inactive?


Pandharinath Mahalle(Paddy)
If this reply helps your question, please consider selecting Accept As Solution and hit Kudos 🙂
0 Kudos

stalluri
Valued Contributor II
Valued Contributor II
In response to pmahalle

‎10/03/2024 06:10 AM

@BG_IAM 

1. \"statuskey\":\"0\"    // If you use this configuration this will disable user, it don't care if the user is active or inactive.
2. \"statuskey\": \"${user.statuskey}\"   //  If you use this configuration it will pick the status from user profile and update the status.


Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

BG_IAM
New Contributor III
New Contributor III

‎10/03/2024 07:58 AM

@pmahalle @stalluri  Based on the documentation and forum topics for Sav4Sav RemoveAccountJSON. The Saviynt user status equals the Saviynt account status, as these objects appear to be the same.

Is it accurate to say that a USER (Identity) can remain active without a Saviynt account only if no SAV role is assigned? I hope this clarifies things.

Thank you,

BG

0 Kudos
Copyright © 2024 Khoros, LLC