As we are using SailPoint IIQ 8.4, while doing account aggregation the appRoleAssignments is not appearing on account link or as entitlement for user.
And this appRoleAssignments is available as part of account schema. And User is assigned to Application Roles under application site ad application in Azure.
Please assist here, how to fix this issue. And what could be the cause.
And ClientID which we are using to establish connection with Azure AD will have all permissions.
@Andrei Stebakov: Do you have any inputs pls?
Do you also have Object Type: applicationRole on ur Schema?
appRoleAssignments –> Is this a custom schema of your app? Please provide more details if any customization has been applied on the OOTB connector.
Thanks
AppRoleAssignments is an out of the box account schema attribute. See here:
Account Attributes
I recall us not getting it populated correctly until we had both appRoleAssignments on account schema present, and Application Role Attributes object configured.
Might not be what @damodarreddya is facing though.
Yes. I do have Object Type: applicationRole Schema
it is not custom schema. As per connector document, application is having those schema.
While aggregating the account, why appRoleassignments are not appearing on Account of AzureAD in SailPoint.
Thanks for response.
Account schema having appRoleAssignments and had another schema i.e applicationRole. And group aggregation is bringing application Roles to SailPoint and those are available under Entitlement catalog. But while doing account aggregation, I could not able fetch those appRoleAssignments as account attribute of AzureAD.
Hello, I am getting the same error. Were you able to fix this??
Is this a new application (created with IIQ 8.4), or was it created with an older version of IIQ and upgraded?
The upgrade process doesn’t always give you the same as what you would get starting fresh.
Its newly created, in 8.4
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.