Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/20/2024 01:24 AM
Hello Saviynters,
Greetings !!!
I need to build one request form in one endpoint request catalogue.
Need to have below three fields on form -
1. Roles
2. Organization Type (Cost Center and Services)
3. Organizations
However I noticed we can't create custom Organization Type . Also organization which I created is not going to table - organizations.
Then on what basis I should create Dynamic Attributes. Earlier I created DA using select query. In this case data is not existing in table. And I want to maintain Parent Child relation between DAs.
For timebeing , tried using Enum however with that endpoint stop loading existing access in request catalogue. Though I removed DAs still its not loading accesses.
Kindly Guide.
Best Regards
Shraddha
Solved! Go to Solution.
06/20/2024 09:02 PM
Hi @Shraddha ,
- Create different dynamic attributes to fetch data from respective tables.
- Organization created is found in the table customer
Sample query: select CUSTOMERNAME as id from customer where STATUS=1
- Right, custom organization type can't be created! But you use customproperty of organization to create different types. The same can be pulled in DA. This way you can maintain relation between DAs.
Sample query: select CUSTOMPROPERTY1 as id from customer group by CUSTOMPROPERTY1
If this helps, please consider selecting Accept As Solution and hit Kudos
06/21/2024 12:30 AM
Thanks Prem , this helps.
My next ask is ,
I want to fetch only those Roles which are tagged to Organization and I checked Customer table wherein no Role information is being saved, which I provided during Organization creation.
Based on Role I want to fetch corresponding organization type and
Based on Role + Organization Type I need to load Organizations and
Based on Role + Organization Type + Organization I need to load Entitlements 🙂
So what Action String i should mention ? Can you share screenshot of DA please.
Also if requestor is not selecting anything from any Dynamic Attribute requester can select any entitlement which does not belong to above combination then 1st Approval will be general supervisor and second approval will be App Team Approval. I am working on workflow implementation parallelly.
Kindly guide. Many Thanks in Advance.
Best Regards
Shraddha Rahate
06/23/2024 05:42 AM
Hi @Shraddha ,
Please find the below complete solution for your request form -
Q. I want to fetch only those Roles which are tagged to Organization and I checked Customer table wherein no Role information is being saved, which I provided during Organization creation
- Roles tagged under the organization are present in the table customer_roles
Run the below Query:
select
(select ROLE_NAME from roles where ROLEKEY=cr.CUSTOMERKEY) as 'Role Name',
(select CUSTOMERNAME from customer where CUSTOMERKEY=cr.CUSTOMERKEY) as 'Org Name'
from
customer_roles cr
Q. Based on Role I want to fetch corresponding organization type and
- In Role dynamic attribute (DA1), assuming you are using simple single select query to fetch all roles:
select ROLE_NAME as id from roles
- In Org Type dynamic attribute (DA2), use single select query where values are configured inside customer table for any customproperty value:
select c.customproperty1 as id from customer c,customer_roles cr, roles r where c.CUSTOMERKEY=cr.CUSTOMERKEY and cr.ROLEKEY=r.ROLEKEY and ROLE_NAME in (${a})
Q. Based on Role + Organization Type I need to load Organizations and
This can't be achievable. Check this article for reference - https://forums.saviynt.com/t5/identity-governance/multiple-attributes-support-in-parent-attribute-se...
- Workaround would be: you can concat both organisation and organisation type together in one Dynamic attribute (DA2)
select distinct concat(c.customername,' - ',c.customproperty1) as id from customer c,customer_roles cr, roles r where c.CUSTOMERKEY=cr.CUSTOMERKEY and cr.ROLEKEY=r.ROLEKEY and ROLE_NAME in (${role})
Preview:
Q. Based on Role + Organization Type + Organization I need to load Entitlements
So what Action String i should mention ? Can you share screenshot of DA please.
Use 'Config for Requestable Entitlement in ARS' option from entitlement type
Syntax: ev.entitlement_value=concat('${role}','_',substring_index('${orgtype}','-',1))
Q. Also if requestor is not selecting anything from any Dynamic Attribute requester can select any entitlement which does not belong to above combination
Your original request is on request form. For workflow, please raise another request as it will help other engineers with similar use-case to find the solution quickly.
Please select Accept As Solution and give Kudos if this solution helps you!
06/23/2024 08:54 PM
Hello Prem,
That s Great . And Amazed to see your prompt responses , in very organized way.
Thanks a lot for sparing time to provide expert guidance. I will start working on this and keep you posted update.
Best Regards
Shraddha Rahate
06/24/2024 09:49 AM
Hello Prem,
Request Form is working fine... I left with two things, I will work on it , one is DA for Show / No Show filters and another is displaying all entitlements if nothing is selected.
Simultaneously I started creating workflow wherein 1st approval I need from Org Owner 🙂 And I came across with your one of post wherein you suggested this doc -
dynamicAttributes.get('organizations') will give me value selected from request form but where to use and how to use ? I have one of DA , organizations.
${organizationOwner} This one found in document but dont know syntax to use it.
Do I need to use custom assignment task in workflow?
Many Thanks
Best Regards
Shraddha Rahate
06/26/2024 07:44 AM
Hello Prem,
Done with workflow implementation. 1st approval is going to Org Owner correctly.
But account remains in Manually Provisioned state instead of Active though I executed Account Import Job.
I noticed in workday connection , CREATE_ACCOUNT_PAYLOAD is black. I am suspecting this is causing the issue.
Any suggestion please .
Best Regards
Shraddha Rahate
06/27/2024 11:38 AM
Please create new thread for new issue.
06/20/2024 10:35 PM
Can you share screenshot of request form and configs