Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Can we use organization and/or organization hierarchy to publish application and entitlements?

Kramerica
New Contributor II
New Contributor II

‎03/27/2024 01:32 PM

We have a requirement where certain applications and entitlements should only be available to request to certain users. (A requirement that was implemented in our legacy tool).

Can we use organization hierarchy to put these users in those organization and then publish End Points and Entitlements to that organization? 

Has anyone implemented it?

0 Kudos
5 REPLIES 5

rushikeshvartak
All-Star
All-Star

‎03/28/2024 07:45 PM

You need to use dynamic attributes for filtering.  you can't use organizations in ARS 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

PremMahadikar
All-Star
All-Star

‎04/02/2024 08:55 AM

Hi @Kramerica ,

I am not sure for your usecase, if organization hierarchy will help.

As suggested by Rushikesh, use dynamic attribute (DA) for any user's attribute (editable by user can be option), then Endpoint -> entitlement type -> "Config for Requestable Entitlement in ARS" can be used for filtering the entitlements based on users' attributes. Achieved by DA in ARS and hardcoded value in all entitlements to have mapping of selected users' attributes. Organization can be one of the user's attributes to filter. (Link for entitlement type filter)

Endpoint -> "Access Query" can be used for filtering endpoints based on users' attributes (refer link on access filter)

 

If this answers your question, please consider selecting Accept As Solution and hit Kudos

Best,
Prem Mahadikar
0 Kudos

nimitdave
Saviynt Employee
Saviynt Employee

‎04/12/2024 06:30 AM

@Kramerica , you can explore usage of access query in the endpoint details tab of the particular endpoint. Using this query you can limit the applications visible to the logged in user as per their properties.

0 Kudos

Kramerica
New Contributor II
New Contributor II
In response to nimitdave

‎04/12/2024 07:00 AM

@nimitdave 

Our requirement is to filter entitlements for an application not the application itself. 

PremMahadikar
All-Star
All-Star
In response to Kramerica

‎04/12/2024 07:33 AM

@Kramerica , Did you try with dynamic attribute to filter entitlements for an application? (as suggested above)

 

Best,
Prem Mahadikar
Copyright © 2024 Khoros, LLC