We have a requirement where we want to certify accesses by excluding all the birthright accesses for users. Can anyone help me out in this?
Hi @piyushdiwani,
I think When setting up the certification campaign, use search queries to exclude birthright roles. It may work.
Thank You!
1 Like
@piyushdiwani you can tag all the birth right roles and enttilements and later you can use NOT tags:“” to filter them in your certification
Hi,
I guess you have a setup where you have a single role used for both birthright and manual request.
In that case I believe there is no out of the box solution to filter out all the identities having the role by birth right and doing the certification only for manually requested.
I created a similar topic a few month ago.
My solution was to start a certification on both birth right and manually requested and then have a workflow that is bulk approving the access that were granted by birth right using the “revocable” attribute.
There is an idea that you can vote for here.
Cheers