We are trying to run certification for our AD application entitlement and we are seeing that our revoke request is being filtered with reason = Dependencies. We tried the remove access through access request and got the same result. Looking into developer forum and community, we found out that if an entitlement is part of a role and the user still has the role, sailpoint filters out the requested revocation of the entitlement. Is there anyway to skip this in terms of certification? As in if the request is coming from certification, do not filter out ?
have you tried adding or passing noFiltering flag to see if that helps?