SOAP Connector - 1st entitlement remove access is not getting updated on application end

mayankshah
New Contributor III
New Contributor III

Revoking multiple revoke access for an end user is causing the 1st entitlement to not getting revoked from application end while other remaining remove access are getting updated.

For eg: If U1 has 5 entitlements and we trigger remove access for all these 5 entitlements then the 1st entitlement will not get removed from application end but remaining 4 entitlements will get removed from application end.

Note: All remove access task are getting complete in Saviynt with status code: 200 Success response.

[{
"RUNFOREACHENT": "true",
"REQUESTXML": "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"><soapenv:Header></soapenv:Header><soapenv:Body><mesa:INTEGRATION xmlns:mesa=\"http://www.sterlingcommerce.com/mesa\"><Operation_Flag>REMOVE_PERMISSIONS</Operation_Flag><USERNAME_AND_PERMISSION_DETAILS><USERNAME>${task.accountName}</USERNAME><PERMISSION_TO_BE_REMOVED>${entTask.entitlement_valueKey.entitlement_value}</PERMISSION_TO_BE_REMOVED></USERNAME_AND_PERMISSION_DETAILS></mesa:INTEGRATION></soapenv:Body></soapenv:Envelope>",
"RESPONSEMAPPING": {
"RESPONSECODE": "Body.processData.ProcessData.ServerResponse.ResponseStatusCode"
},
"SUCCESSCRITERIA": {
"RESPONSECODE": "200"
}
}]

Thanks

 

3 REPLIES 3

DaanishJawed
Saviynt Employee
Saviynt Employee

Hi,

  • Is there any task created for the 1st entitlement which is not getting revoked? This can be found under pending tasks.
  • If the task is created, can you check what is error in the provisioning comments column for that specific task ID. This can be seen on the UI

mayankshah
New Contributor III
New Contributor III

Hi,

1. Is Task getting created for 1st entitlement -- YES

2. No error in provisioning comments -- "RESPONSECODE": "200" is the provisioning comment.

 

mayankshah_0-1677571719146.png

 

mayankshah
New Contributor III
New Contributor III

"RUNFOREACHENT": "true" was the solution for it.

It was not causing the 1st entitlement not to get revoked from the application end because the API doesn't allow you to revoke access but was giving success 200 response which started all the confusion.