Hi everyone, Good Day!
In our integration between ServiceNow and SailPoint IdentityNow (IDN), we’re having a scenario where two conflicting access requests are submitted simultaneously for the same user—each granting access that would violate our Segregation of Duties (SoD) policies.
Is there a way for SailPoint to detect and surface these conflicts during the approval phase, so that reviewers or approvers are made aware of the violation before Approving/granting access?
In general, the SOD function only works by comparing a single requested access item against what the user already has access to. It does not consider access items as part of a request that hasn’t yet been completed.
It doesn’t mean you couldn’t do that with a custom servicenow catalog item and workflow, but none of the off the shelf components support this use case