Contribute to our Community Curated Knowledge Base! All are welcome to join!
131 PostsUse-Case: Many customer's has the requirement to use windows domain account for Database connectors.Steps: ONLY FOR NON EICCreate login at SQL Server for the user which will be utilized at connector.Create a ‘krb5.conf’ file containing information of...
Use Case The customer changed the URL in the ADSI connection from LDAP to LDAPS once the connection was moved to secure.The connection failed with the below error- 2021-12-13/10:49:11.793 [{}] [https-jsse-nio-443-exec-1] DEBUG adsi.SaviyntGroovyADSI...
QuestionHow to set 'Owner on Terminate' as Manager's managerAnswerIn Latest versions(v2022+), we have a drop down available for selecting owner on terminate as user, manager, secondary manager etc.,. In this case, if we populate manager's manager val...
Use CaseHow to do Incremental Import from SAP SuccessFactorsPre-requisitesConnectivity should be established between Saviynt and SAP SuccessFactors.Applicable Version(s)All versionsSolutionDetailed Best Practice:As a best practice, it is recommended ...
This article describes the Out of box AWS attribute mapping AWS User Accounts mappingFollowing are the AWS IAM user attributes/metadata stored in the ACCOUNTS table of SSM DB. (These are the attributes that you see when you open an account in SSM UI)...
Use CaseThe user registration/creation forms in EIC are driven through User dynamic attributes defined in Global Configuration à Identity Lifecycle à Register User Form. Various types of dynamic attributes can be defined to take inputs from logged in...
Use Case / Problem StatementAdd access JSON for REST Connector is not working as expected causing the requested access failing to be provisioned at the target system. Pre-requisitesConnection should be successful to the target application.The JSON fo...
Use CaseFAQ – Provisioning JSONs Pre-requisites ConnectorApplicable Version(s)All Solution1. How to pass different value to the target based on source of the task?Ans: If a different attribute is required to be passed in case of birthright provisioni...
Use CaseThe use case is to configure a workflow to support creation of tasks after all approval requests are complete. In an ARS request process, when the user requests for more than one entitlements or role in the same request and the business requi...
Use Case / Problem Statement This SOP will help you to fix the frozen or black screen issue which appears on UI while launching any remote apps which are deployed on remote app windows servers.Applicable Version This is applicable to v2021 onwards fo...
Question: we are using service saviynt connector for service now (as a ticketing system) this is a Rest API based integration. Service now is suggesting not to call Servicenow API for getting status of tickets( which is userd to close tasks in saviyn...
Use Case Using actionable analytics to provision and de-provision assignments of SAV Roles. Pre-requisitesNAApplicable Version(s)All Solution Saviynt has the capability to use the actionable analytics feature to provision and de-provision assignments...
Use CaseCustomer wanted to add the new OU in the application name on the AD Group creation through the ‘Create New Role’ tile in the ARS page. OU=Cloud,OU=Groups,DC=cad,DC=netPre-requisitesNeed to have access to gsp file ( objectandpermission )Applic...
Use CaseAchieve Email uniqueness check during email generation against existing proxy addresses/other attributes mentioned apart from the email attribute field. A common use case to to have a lookup table before generating email so that any other uni...
Use CaseSet/Update Organization attribute on User Profile using csv upload. Pre-requisitesNoneApplicable Version(s)All EIC versions v2020.x and AboveSolutionIf you are looking to set the Organization field on the user profile while trying to import u...
Use CaseThe requirement is that Username Generation Rule should Autoincrement as per following scenario: Scenario:Username creation needs to be like "OW000001, OW000002, OW000003 ~ ”Username should have a max length of 8. Characters 'OW' followed by ...
Use Case / Problem StatementConsider a scenario where a retail organization uses a Database System where access to modify (update, delete, truncate, insert etc.) is considered to be of high risk. Therefore firefighter roles are implemented which prov...
The NetSuite application can be integrated with Saviynt using the generic SOAP connector. Below are the JSONS to make a successful connection with NetSuite and achieve provisioning use cases. We leveraged Token-based Authentication ConnectionJSON----...
Question We are trying to perform the POC for Freshdesk integration. Old Documentation Portal URL: https://saviynt.freshdesk.com/support/solutions/articles/43000660664-freshdesk-integration-guide New Documentation Portal Link: - https://docs.saviy...
Use CaseSaviynt Users were linked to old/inactive ServiceNow users because of incorrect User Link Properties. The User Link Properties are now updated. However, the links are not getting updated.There are 2 users in ServiceNow with the same email ID,...
Use Case A single API is used to Add/Remove access or to Update account. The requirement is to ensure the existing entitlements can be retained and only the selected entitlement is removed as part of Remove Access request.In target the Roles are only...
Question: We have a requirement to manager AD computer objects via Saviynt. Kindly confirm over the feasibility of below use cases via ADSI or AD connectors. - Import of Computer Objects as accounts. - Provision Computer Objects into AD security...
1.RequirementWe have a requirement to publish a report for all the user updates for the day. This should include all the attributes that have been updated (old + new values) along with other user attributes. We try to read the blob data from the user...
The Problem Statement:We are configuring the Saviynt IGA app in Service now and when running a test or saving the connection configuration, errors are generated but we receive a successfully connected to the ‘Saviynt Service’ message.Error - Not allo...
Use CaseThe REST connector configured to integrate with target application is failing. Despite correctly configuring the JSON in the REST connector, the API calls are not functioning. The URL, HTTP parameters, credentials, and other settings in Saviy...
Use CaseThis KB article outlines the process to manually link the unlinked Saviynt users with Servicenow users.Pre-requisitesThere are two option to perform user linking: Bulk option using script: The scripts retrieve all users that were updated in t...
Privileged Access Management (PAM) is the discipline for managing human or machine accounts which have elevated levels of entitlement to platform, system or application resources. It allows organizations to secure their infrastructure and applicatio...
Use CaseOnly one email per request should be triggered with all the access(including child access details), user and dynamic attribute details of created tasks on completion of approval workflows. Pre-requisitesRequest approval and task creation is w...
Use Case:Sometimes due to faulty import runs or some other conditions the assignedfromroles value in Account_entitlements1 table is not populated as well as the role_user_account has accountkey which are not in Active status. This may lead to incorre...
Use Case Customer created a user (service account) in Saviynt for using Saviynt APIs from Postman. However they are unable to login from Postman and are getting 401 unauthorized error. Pre-requisites The service account has a SAV role which has a...
Use Case1) If the customer wants to make changes to the email template and has asked to trigger a particular email that has already been sent2) A particular email has been triggered already but has not been delivered to the respected personnelSolutio...
Use CaseConsider the following JSON example, which involves assigning different access groups based on a user's EmployeeClass.The use case is as follows:- IF user.EmployeeClass is one of ('A1', 'A2', 'A3', 'A4', 'A5'), THEN assign accessGroup /292 EL...
Connection refers to the configuration setup for connecting to target applications. You create connections by specifying the connection parameters. Because connection parameters are different for different connection types, connections are the subset...
Detailed Question: Using a DB connector, can you connect to SQL DB by authenticating against an AD service account provided the AD and DB are in the same domain and provided the service account is not present in the database?Answer: Database connecto...
SymptomsRequirement is to writeback email from any Saviynt's attribute to Workday. The workday endpoint is a REST endpoint because the email is being written back to a custom object on Workday which cannot be updated through SOAP API.DiagnosisThe use...
Use CaseRole updates made by using upload role from Role Management don’t show up on Role history even though the update is reflected it doesn’t show in the history section.Pre-requisitesN/AApplicable Version(s)AllAnswerWhen using the "upload role vi...
Use CaseWhen creating a trigger chain job you note that the job does not run unless you reduce the count of jobs present in the trigger chain.In theory, there should be no limitation to the total number of jobs in a single trigger chain job as long a...
Description - Saviynt provides email services using AWS SES for sending outbound emails. It supports both SPF as well as DKIM. There are two ways to achieve DMARC (Domain-based Message Authentication, Reporting & Conformance) validation: DomainKeys I...
SymptomsIn order to delete any workflow from the system, you might run into an issue where the delete option is not visible on the workflow list page.DiagnosisThere is config present in the externalconfig.properties file as below which needs to be se...
#DescriptionThe below article describes Saviynt policy on Disaster Recovery (DR) on AWS #Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are two important concepts in disaster recovery planning. RTO is the maximum amount of time that...
SymptomsWe have few issues reported where the variables under application catalog items are not completely generated. Few variables are missing as out of 11 variables that needed to be generated under the catalog item, only 7 were generated.Diagnosis...
Use Case Workday is the authoritative source of user data. When users are imported from Workday to Saviynt, an email address must be generated in Saviynt which has to be updated back to Workday. Pre-requisitesWorkday Connector (Authoritative Source) ...
Use Case How to Use Saviynt as Ticketing System to SAP GRC for SoD validation and last-mile SAP ERP apps account and access provisioning / de-provisioning? USE-CASE / FLOW: SAP GRC system in Saviynt is a requestable application with multiple Bu...
Use CaseThis document contains some useful report that can be used to verify data ,job status, task provisioning status etc in EIC. These can be leveraged to be used for monitoring.Pre-requisitesCreate Analytics Role AccessData Analyzer Role AccessAp...
SymptomsWe are setting accounts to "Manually Suspended" in Saviynt. The status change is working as expected but the account name is also getting changed after the Disable account task has been completed.Logs will show 2022-12-22 10:07:23,689 [quartz...
Exclusions for SOD can be handled in two waysAt the targetIn the SOD ruleset at a SOD function levelExclusion at Oracle:Each Oracle E-Business Suite product is delivered with one or more predefined menu hierarchies. System Administrators can assign a...
Use CaseTo determine Active users List not in feed after full user import. Applicable Version(s)AllSolutionBelow query can be used to identify all the users which are active in SSM but were not part of the feed of the last full user import. This help...
Use case: Issue with Add access tasks not completing or adding groups to user account at target and getting an error code 65 Target System: This is applicable for AD connector being used for LDAP target systems.Applicable SSM versions: v5.4.0 and onw...
Use CaseVarious Request types and Task types along with corresponding codes are listed below. Pre-requisitesN/AApplicable Version(s)All Solution REQUEST TYPES: REQUESTTYPE = '1' : 'ADD'REQUESTTYPE = '12' : 'UPDATEACCOUNT'REQUESTTYPE = '2' : 'DELETE'R...
Pre-Requisites:Permissions Required for User Interface Customization. Your SAV roles must have specific permissions to customize the UI on the User Interface Branding Configuration page. Action ...
We want your journey here to be as great as can be, so we have put together some links to help you get quickly familiarized with the Saviynt Community.
More Links