Activity in IGA Implementation
Active Directory best practice
Short DescriptionAD is one of the most commonly used connector. This article provides best practices for configuring AD connectorApplicable versionAll versionsDetail best practiceTry to use ObjectGUID as reconciliation Attribute in Account_Attribute ...
Best practice for Inline Preprocessing
Short Description:Inline Preprocessing was introduced in Saviynt IGA solution v5.4.2 or later to achieve the following goals:Avoid database locking caused by concurrent custom queries or resource-intensive database computing jobs on the SSM schema.Se...
Recommendations of using Archival jobs
TitleRecommendations of using Archival jobsShort DescriptionArchival jobs are essential for maintaining data integrity, complying with regulatory requirements, and optimizing system performance, Also is the process of collecting older data and movi...
Role Design Best Practice
Short DescriptionBest Practices to be followed during Role Creation/Modification. Role are used to club together multiple types of access from a single or multiple endpoints and grant it to user in a single request.Applicable versionAllBest Practices...
Saviynt API Best Practices
Short DescriptionBest practices guide for the recommended guidelines for effectively managing Saviynt API service account (Saviynt user identities) used for generating bearer token for authentication of various Saviynt APIs.Applicable versionAll vers...
Developing Lighter, Faster and Effective IGA Reports.
Short Description : Reporting is an essential and important function in a IGA implementation. Reporting helps to evaluate an IGA implementation on many points like governance, efficiency, effectiveness, usability, performance etc To make sure that IG...
User import best practices
Short Description:Best practices to follow while importing an identity as Saviynt user from an authoritative source.Applicable versions:All versionsDetail best practice:Use the out of the box connector instead of custom connector or a generic REST co...
Best Practices for building Extensions
Short DescriptionSaviynt provides support to execute and invoke extensions or custom jars from various application modules. Below are a few Do's and Don'ts that should be followed while building oneApplication versionAll VersionsDetailed best practi...
Various Usage of Dynamic Attributes
Short Description:Dynamic Attributes are very important tool to address the form specific use cases. This document talks about the best usage of dynamic attributes for different use cases.Application VersionAll versionsDetailed Best PracticeHow to us...
Connector best practice
Short DescriptionThe connector are key module that integrates Saviynt with the target application. Following are the best practice to configure connectors to avoid issues and performance improvement.Applicable versionAll version unless specifically m...
TPAG | Guidance on GSP Customization
Document Purpose: The Saviynt provide feasibility to do the customization of the create/update user request page as one of part of Third party access Governance (TPAG). Using this feature the create and user update request page can be c...
Base url usage in email templates
Short Description:The email templates can have reference to the deep links specific to the environment where it is deployed. For example, when an email is sent for campaign, the email will refer to the specific certification for the end user, created...
Where to Store user's sensitive information
Short Description - Often user community asks where to store user's sensitive information in Saviynt. We will talk about the different attribute types which Saviynt provide to store sensitive information.Detailed best practice - Saviynt provides two ...
SMTP Best Practices
Short DescriptionThis document provides an overview of the best practices while configuring the SMTP to offer a seamless experience to the end users and avoid email failures.Applicable version5.5SP3.X & 2021 & LaterDetail best practiceEnsure the Rate...
Import Tips - Connector selection & config to avoid failures
Short Description - This best practice is intended to help Application Administrators with the type of import based on business scenario and use cases. This is mainly applicable when Saviynt provides more than one type of connector for an integrati...
Avoid Reminder values in unit of minutes
Short Description - We have options to set values 1-10 minutes in reminder due option in approval node in a workflow . The reminder values set in minutes can cause the reminder emails to sent unexpectedly. For example if email history job is set for...
Document KPIs and KRIs before you baseline your IGA Implementation
Short Description:There will be customers who are starting their IGA journey, or re-baselining their IGA journey. In both scenarios, it is a good idea to revisit your IGA KPIs and KRIs and re-align with their IGA objectives. This document talks about...
Certifications Best Practices
Certifications Best PracticesBest practices to be considered before launching Campaigns.Applicable versionAllBest Practices (Applicable to All Types of Campaigns)Always review the campaign configurations carefully before launching the campaigns unles...
How to send the encrypted email from SSM
Use case: How to send the encrypted email from SSM for credentials notification to End-userSolution: Saviynt doesn’t support encrypted message directly for end user. However Encrypted message can be sent by using O365 as SMTP rel...
Avoid using Cross module email variables
Short Description - Saviynt does not have a guardrail to stop users from using same email variable across different modules. This leads to issues during implementation and users dont get desired result from email template.Detailed best practiceSaviyn...
Design template workflows for expediting application on-boarding
Short Description:In many IGA implementations, as part of the application onboarding exercise, we often spend a significant amount of time discussing the approval workflows with the application owners. Most application owners inquire about specific s...
Best Practices for jobs/trigger management
Short Description :Best practices for various jobs scheduling and trigger managementApplicable version :All VersionsDetail best practice :Schedule Imports at Off-Peak Times: Identify off-peak hours or low-usage periods in your system and schedule use...
Avoid usage of Detective job instead create time based policy conditions
Short Description - The detective job ( DetectiveProvisioningRulesJob ) is a resource intensive job and has performance implications if its not used effectively.Applicable version - AllDetailed best practiceWe should avoid scheduling detective Job fo...
Tips to improve Technical and User Update Rule performance
TitleBest practices for configuring technical and user update rulesApplicable versionAll Saviynt VersionsBest PracticesRule Consolidation: Analyze your existing technical rules and identify any duplication or overlap. Look for rules that have similar...
Implementing Birthright rules ( Technical rules )
Short DescriptionTechnical Rule is used to provision birthright access to employees joining the company for all users based on specified conditions. To assign birthright access, you need to specify the conditions based on which birthright access need...
Security system and endpoints best practice
Short DescriptionThis article describes the best practices for security system and endpointApplicable versionAll versionDetail best practiceSecurity SystemProvisioning Limits should be set for “Disable” and “Delete” Task types for all Security system...
Single Sign-on Best Practices
TitleSingle Sign-on Best PracticesShort DescriptionAs SSO setup is key while starting the IGA Journey. This document provides an overview of the best practices while configuring the SSO to offer a seamless experience to the end users.Applicable versi...
SAV Role
Short DescriptionBest practice to configure custom SAV RolesApplicable versionEIC versions (2021.x and above)Detail best practiceOut of box SAV RolesMake use of out of box wherever applicable instead of creating custom SAV rolesThe ROLE_ADMIN should ...
Building a Solid Foundation: Essential Guardrails for Successful First Foundation Release!
Short Description:While you prepare for your foundation deployment for an Identity Governance solution, please look at the standard set of guardrails and tested patterns to secure the implementation.Application VersionAll versionsDetailed Best Practi...
Access Requests – Common issues and possible solutions
Short DescriptionGuide to address most common issues and possible solutions while configuring Access Requests.Applicable versionAllDetail best practiceA specific tile on the ARS page is not visible for a SAV Role (applicable to versions before EIC)Ch...
Best practice for Custom Request forms and dynamic attribute
Short DescriptionSaviynt solution can be extended by making use of dynamic attributes, to support creation of custom application request form to capture the fields/data by the end user while raising a access request. Dynamic attribute enables the im...
Orphan Accounts Management
Short Description - Orphan accounts can pose a serious security challenge for your organization. They are unattended , disown accounts who might have sensitive access assigned to them. We need to regular monitoring and appropriate handling of these a...
Schema based/File based Import Best Practices
Short DescriptionThis document provides an overview of best practices for schema import jobApplicable versionV5.5sp3.x & EICDetail best practiceEnsure to keep the schema file clean as the import picks up all the sav files present in the location duri...
