Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Workflow: Request to be auto approved if entitlement owner requests for it.

Kaustubh
New Contributor III
New Contributor III

We have a requirement as follows:
If entitlement owner requests for the entitlement, the request should get auto approved.

If requestor is not entitlement owner, the request should be routed to manager for approval.

I found below query on forum but it is not working for me:

role.ownerRank1.contains(requestedby.username)

Solved: Workflow: Check if App Role Owner is submitting th... - Saviynt Forums - 20679

Tried other queries too but no help

(com.saviynt.ecm.identitywarehouse.domain.Entitlement_values.executeQuery("SELECT count(*) FROM Entitlement_values ev,Entitlementowners eo WHERE ev.id=eo.id and ev.rank=1 and ev.entitlement_Value='${entitlement.entitlement_Value}' ").size()!=1)

entitlement.getOwnerRank1().

entitlement.allowner.contains(requestedby.username)

entitlement.allowner.contains(user.username)

The workflow I have created is :

Kaustubh_0-1713348917842.png

 

While I submit the request, I get error as

Kaustubh_1-1713348942859.png

 

Kaustubh Pawar
Saviynt Certified IGA Professional
28 REPLIES 28

Raghu
Valued Contributor III
Valued Contributor III

Use below try

entitlement.getOwnerRank1().contains(requestedby.username) eq true


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

Kaustubh
New Contributor III
New Contributor III

Tried but same error 'Request not Submitted. Please contact your administrator.'

Kaustubh Pawar
Saviynt Certified IGA Professional

Raghu
Valued Contributor III
Valued Contributor III

directly enttiltment it wont get u need specify application

use like

CR_0-1713353987334.png

 

 


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

Kaustubh
New Contributor III
New Contributor III

I tried but same issue

Kaustubh_0-1713358266912.png

 

Kaustubh Pawar
Saviynt Certified IGA Professional

@Kaustubh : Are you trying to validate the Application Role Owner or Entitlement Owner. If Application Role Owner then use below condition

role.ownerRank1.contains(requestedby.username)

If it is Entitlement Owner then use below condition

entitlement.getOwnerRank1().contains(requestedby.username) eq true   

And make sure that you didn't select groovy as expression language


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Kaustubh
New Contributor III
New Contributor III

@Saathvik @Raghu :

Yes.

The use case is for Entitlement owner, and I have not selected any expression language now but same error 'Request not submitted. Contact your administrator'.

Kaustubh_0-1713408513087.png

 

Kaustubh Pawar
Saviynt Certified IGA Professional

Change language to groovy 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Raghu
Valued Contributor III
Valued Contributor III

yes if using roles then use below condition insteadof entilemnt

role.ownerRank1.contains(requestedby.username)

 and same workflow try it

 


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

Please share workflow zip


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

 
Kaustubh Pawar
Saviynt Certified IGA Professional

Kaustubh
New Contributor III
New Contributor III

@rushikeshvartak 

When I am trying to submit a request as an entitlement owner, I am getting an error message 'Request not submitted. Contact your administrator'.

The request should be auto approved if entitlement owner is submitting a request else it should be router to manager for approval.

Kaustubh_0-1713425064663.png

 

Kaustubh Pawar
Saviynt Certified IGA Professional

@Kaustubh :  Can you please share the logs when you are getting the error? Also without Entitlement Owner check if-else block were you able to submit the request?


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Kaustubh
New Contributor III
New Contributor III

With this current workflow, I am able to submit the request. But in this case, I have raised a request for one user already having an account and I am entitlement owner of rank 1. I want the request should be auto approved since the entitlement owner has raised the request, but it is going to the manager for approval.

Kaustubh_0-1713456538672.png

 

Kaustubh Pawar
Saviynt Certified IGA Professional

@Kaustubh : Change owner check condition as below

entitlement.getOwnerRank1().contains(requestedby.username) eq true or entitlement.getOwnerRank1().contains(user.username) eq true

 


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Raghu
Valued Contributor III
Valued Contributor III

@Kaustubh can remove all just give start and grant access and end

and try to submit the request or not check it ? get logs 


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

Kaustubh
New Contributor III
New Contributor III

I tried and the request is approved.

Kaustubh Pawar
Saviynt Certified IGA Professional

Requestor is Entitlement owner or End user is entitlement owner


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Requestor is entitlement owner requesting on behalf of end user.

Kaustubh Pawar
Saviynt Certified IGA Professional

Kaustubh
New Contributor III
New Contributor III

@rushikeshvartak @Saathvik 

When requestor: entitlement owner

beneficiary: end user

If entitlement owner selects multiple entitlements for which he is not the owner along with the one for which he is the owner, then the other entitlements request should be routed to respective entitlement owners. Currently other entitlements are routed to manager for approval.

Kaustubh Pawar
Saviynt Certified IGA Professional

You can modify workflow based on sugesstion and prepare table and test all use case

RequestorEnd UserEntitlement 1 OwnerExpected behaviourEnt 2 Owner
RushiKaustubhRushiAuto ApproveN/a
     
     
     

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

requestorend userentitlementsexpected behaviour
RushiKaustubhent1, ent2ent1 auto approved. Ent 2 router for ent owner approval
RushiKaustubhent2Ent2 routed for ent2 owner approval

Here Rushi is owner for entitlement 1

Kaustubh Pawar
Saviynt Certified IGA Professional

@Kaustubh : If requestor is owner of any entitlement in system you need that to be sent it to entitlement owner instead of manager? 

If requestor is not entitlement owner then you still need it to be routed to manager instead of owner?


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Kaustubh
New Contributor III
New Contributor III

Kaustubh is owner of entitlement1, Saathvik is owner of entitlement2.

Kaustubh submits a request for user with entitlement1 and entitlement2. 

Entitlement1 should be auto approved while entitlement2 should be routed to Saathvik for approval.

Can we do this?

Kaustubh Pawar
Saviynt Certified IGA Professional

Each reply your requirement are changing. Now you are ask is Entitlement owner instead of manager ?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

@Kaustubh: Okay can you also explain below scenarios in the same example you gave.

  1. What if Kaustubh is not owner of any entitlement but he is submitting request, then in that case what is your expected flow?
  2. What if Kaustubh is owner of entitlement3 but submitting request for user with entitlement1 and entitlement2 then what is the your expected flow?

 


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Kaustubh
New Contributor III
New Contributor III

For both of the scenarios mentioned by you, same flow is expected:

As Kaustubh is not the owner of any entitlements submitted in the request, the account request route to Manager and entitlement request to respective entitlement owner.

 

Kaustubh Pawar
Saviynt Certified IGA Professional

@Kaustubh : I don't think it is possible to achieve all your scenarios. Either you keep your manager approval as first level for all scenarios and then auto approve the request at 2nd level if requestor is owner of entitlement otherwise goes through respective entitlement owner. 

OR

Request will be auto approved for entitlement where requestor is owner otherwise whatever flow you want (Either manager + entitlement owner or just manager or just entitlement owner) will be applied for all else scenarios.


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

You need to have manager as well entitlement owner in workflow


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.