Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Request Form on Request Catalogue

Shraddha
New Contributor III
New Contributor III

Hello Saviynters,

Greetings !!!

I need to build one request form in one endpoint request catalogue.

Need to have below three fields on form -

1. Roles

2. Organization Type (Cost Center and Services)

3. Organizations

 

However I noticed we can't create custom Organization Type . Also organization which I created is not going to table - organizations.

 

Then on what basis I should create Dynamic Attributes.  Earlier I created DA using select query. In this case data is not existing in table. And I want to maintain Parent Child relation between DAs.

For timebeing , tried using Enum however with that endpoint stop loading existing access in request catalogue. Though I removed DAs still its not loading accesses. 

Kindly Guide.

Best Regards

Shraddha

8 REPLIES 8

PremMahadikar
All-Star
All-Star

Hi @Shraddha ,

- Create different dynamic attributes to fetch data from respective tables.

- Organization created is found in the table customer 

Sample query: select CUSTOMERNAME as id from customer where STATUS=1

- Right, custom organization type can't be created! But you use customproperty of organization to create different types. The same can be pulled in DA. This way you can maintain relation between DAs.

Sample query: select CUSTOMPROPERTY1 as id from customer group by CUSTOMPROPERTY1

 

If this helps, please consider selecting Accept As Solution and hit Kudos

Thanks Prem , this helps.

My next ask is , 

I want to fetch only those Roles which are tagged to Organization and I checked Customer table wherein no Role information is being saved, which I provided during Organization creation.

Based on Role I want to fetch corresponding organization type and

Based on Role + Organization Type I need to load Organizations and 

Based on Role + Organization Type + Organization I need to load Entitlements   🙂  

So what Action String i should mention ? Can you share screenshot of DA please. 

Also if requestor is not selecting anything from any Dynamic Attribute requester can select any entitlement which does not belong to above combination then 1st Approval will be general supervisor and second approval will be App Team Approval.  I am working on workflow implementation parallelly.

 

Requirement-1.png

Kindly guide. Many Thanks in Advance.

 

Best Regards

Shraddha Rahate 

 

Hi @Shraddha ,

Please find the below complete solution for your request form -

Q. I want to fetch only those Roles which are tagged to Organization and I checked Customer table wherein no Role information is being saved, which I provided during Organization creation

- Roles tagged under the organization are present in the table customer_roles

Run the below Query:

 

select 
	(select ROLE_NAME from roles where ROLEKEY=cr.CUSTOMERKEY) as 'Role Name', 
	(select CUSTOMERNAME from customer where CUSTOMERKEY=cr.CUSTOMERKEY) as 'Org Name' 
from 
	customer_roles cr

 

Q. Based on Role I want to fetch corresponding organization type and

- In Role dynamic attribute (DA1), assuming you are using simple single select query to fetch all roles:

 

select ROLE_NAME as id from roles

 

- In Org Type dynamic attribute (DA2), use single select query where values are configured inside customer table for any customproperty value:

 

select c.customproperty1 as id from customer c,customer_roles cr, roles r where c.CUSTOMERKEY=cr.CUSTOMERKEY and cr.ROLEKEY=r.ROLEKEY and  ROLE_NAME in (${a})

 

Q. Based on Role + Organization Type I need to load Organizations and 

This can't be achievable. Check this article for referencehttps://forums.saviynt.com/t5/identity-governance/multiple-attributes-support-in-parent-attribute-se...

- Workaround would be: you can concat both organisation and organisation type together in one Dynamic attribute (DA2)

 

select distinct concat(c.customername,' - ',c.customproperty1) as id from customer c,customer_roles cr, roles r where c.CUSTOMERKEY=cr.CUSTOMERKEY and cr.ROLEKEY=r.ROLEKEY and  ROLE_NAME in (${role})

 

Preview:

PremMahadikar_1-1719067501522.png

Q. Based on Role + Organization Type + Organization I need to load Entitlements 

So what Action String i should mention ? Can you share screenshot of DA please.

Use 'Config for Requestable Entitlement in ARS' option from entitlement type

Syntax: ev.entitlement_value=concat('${role}','_',substring_index('${orgtype}','-',1))

PremMahadikar_0-1719116798588.png

Q. Also if requestor is not selecting anything from any Dynamic Attribute requester can select any entitlement which does not belong to above combination

  • Introduce a new mandatory dynamic attribute (DA0) example 'Select the role and organisation' with value 'Yes/No'.
  • Based on this you can display DA1 and DA2 for the selection DA0 as 'No'
  • If Yes, show DA1 and DA2.
  • For this kind of setup, the 'Config for Requestable Entitlement in ARS' option from entitlement type will also change
  • Sample: (('${DA0}'='No' and 1=1) or ('${DA0}'='Yes' and ev.customproperty10=concat('${role}','_',substring_index('${orgtype}','-',1))))

 

Your original request is on request form. For workflow, please raise another request as it will help other engineers with similar use-case to find the solution quickly. 

 

Please select Accept As Solution and give Kudos if this solution helps you!

 

Hello Prem,

That s Great . And Amazed to see your prompt responses , in very organized way.  

Thanks a lot for sparing time to provide expert guidance.   I will start working on this and keep you posted update.

Best Regards

Shraddha Rahate

 

Hello Prem,

Request Form is working fine... I left with two things, I will work on it , one is DA for Show / No Show filters and another is displaying all entitlements if nothing is selected.

Simultaneously I started creating workflow wherein 1st approval I need from Org Owner 🙂 And I came across with your one of post wherein you suggested this doc - 

https://docs.saviyntcloud.com/bundle/TPAG-Guide-v24x/page/Content/Exposing-Organization-Object-varia...

dynamicAttributes.get('organizations')   will give me value selected from request form but where to use and how to use ?    I have one of DA , organizations.

${organizationOwner}  This one found in document but dont know syntax to use it.

Do I need to use custom assignment task in workflow?

Many Thanks

Best Regards

Shraddha Rahate

Shraddha
New Contributor III
New Contributor III

Hello Prem,

Done with workflow implementation.  1st approval is going to Org Owner correctly.

But account remains in Manually Provisioned state instead of Active though I executed Account Import Job.

I noticed in workday connection , CREATE_ACCOUNT_PAYLOAD is black.  I am suspecting this is causing the issue.

Any suggestion please .

Best Regards

Shraddha Rahate

Please create new thread for new issue.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

rushikeshvartak
All-Star
All-Star

Can you share screenshot of request form and configs


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.