Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Mapping Entitlements from a different endpoint during create account

Go to solution
Ben
New Contributor II
New Contributor II

‎05/06/2024 07:38 PM

Hi All,

Requirement - Map an entitlement from a one endpoint (Okta) when an account is created in target application to enable SSO.

Situation - I've onboarded an application that exposes a SCIM endpoint but does not expose any entitlements. I arbitrarily mapped a specific account attribute (user type) as an entitlement, thinking I could then use this with entitlement mapping to map across to the Okta application to enable SSO to the application post account creation.

Issue - Create Account JSON does not do any entitlement mapping for accounts (from my understanding) and the entitlements will only map to the account using the import account and import access scheduled jobs, which will be scheduled.

Is there a way to map entitlements across endpoints as part of the create account process?

0 Kudos
8 REPLIES 8

Go to solution
rushikeshvartak
All-Star
All-Star

‎05/06/2024 08:10 PM

No you can't map entitlements as part of create account json


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Go to solution
Ben
New Contributor II
New Contributor II

‎05/06/2024 08:29 PM

Hi @rushikeshvartak,

As I said, i know this can't be done as part of the create account json.

I'm just wondering if there is a way to achieve this as part of the overall create account process. We have a large number of apps where we would need to create an account in the target application and also provide access to the application via our IDP (different endpoint entitlement) at the same time.

0 Kudos

Go to solution
NM
Regular Contributor III
Regular Contributor III
In response to Ben

‎05/06/2024 10:37 PM

Hi @Ben, if you want to assign a group at the time of account creation ftom a particular endpoint for SSO.. you can use entitlement with new account functionality.

Go to solution
Ben
New Contributor II
New Contributor II
In response to NM

‎05/08/2024 04:11 PM

Thanks, @NM. This is exactly what I was looking for!

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to Ben

‎05/08/2024 08:14 PM

There is known issue that if request gets rejected entitlement will be still assigned 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Go to solution
NM
Regular Contributor III
Regular Contributor III
In response to rushikeshvartak

‎05/08/2024 08:21 PM

@rushikeshvartak , is it in newer or older verison .. haven't encountered it

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to NM

‎05/08/2024 08:27 PM

I have seen in older versions


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to Ben

‎05/07/2024 07:49 PM

Use Enterprise roles


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC