Hello,
We have a web service connector with different types of entitlements, some of which can be granted all at once in one request, and some of which can only be granted one by one.
We would like to optimize the number of requests, however we cannot use the “addRemoveEntInSingleReq” as the request for the 1:1 wouldn’t work.
My question is: how can we stop a new request from happening, after the first one has been made, for the entitlements that support multi entitlements requests.
To be clear, I want something like this:
Provisioning Access Profile : 2 entitlements of type A: A1, A2, 2 entitlements of type B: B1,B2
Request steps:
Add entitlement A1 and A2
Add entitlement B1
Add entitlement B2
Thank you in advance
(we would like to avoid using before provisioning rule)
One way would be by creating a access profile for entitlements of type A using a membership criteria if you have any and make the entitlements as not requestable that way a user won’t have the access to even request these entitlements and for the other since they can be requested separately make those 2 requestable in IDN and just to make sure only the right identity is requesting access for these entitlements you can add a approval workflow
Unfortunately, all these entitlements are provisioned automatically (they are not intended to be requested by the user), and ideally we would like to create just one role with all of them, including multiple entitlements of type A and B.
I was thinking maybe there was a way to stop a request from happening? so we can just do one request for entitlement type A and stop the following one?