Can a workflow be configured to detect expired access removals of entitlements through system?

Hi I’m trying to see if I can configure a WF to detect entitlement removals through expiration.

Please let me know if there is a possiblity to do so.

Hi @Prashanth1812

I don’t believe this is possible, it’s not one of the listed triggers. You may want to submit it as an idea in the ideas portal.


Provisioning Completed trigger would work here? as below

$[?($.action == “IdentityRefresh”)].accountRequests[?( == “xxx” && @.provisioningResult == “committed” && @.accountOperation == “Modify”)].attributeRequests[?(@.operation == “Remove” && @.attributeValue in [‘Ent1’,‘Ent2’])]

Possibly but I think that would apply to any removal, not just one triggered as a result of access expiring

1 Like

looks like its not working @vkashat . I might try something with identity attributes/transforms and do identity attributes changes trigger. Thanks though

1 Like