How to Controll QuickLink Access

Which IIQ version are you inquiring about?

[8.4]

Share all details about your problem, including any error messages you may have received.

*[I have created a Custom QuickLink, this QuickLink is visible to everyone. I want this QuickLink should be accessed by or visible to the admin only. I have the DynamicScopeRef like this below.
*

<QuickLinkOptions allowSelf="true">
  <DynamicScopeRef>
    <Reference class="sailpoint.object.DynamicScope" name="Everyone"/>
  </DynamicScopeRef>
</QuickLinkOptions>

Hi @harishchappidi_11

Create DynamicScope

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE DynamicScope PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<DynamicScope name="SystemAdministrator">
  <Selector>
    <IdentitySelector>
      <MatchExpression>
        <MatchTerm name="capabilities" value="SystemAdministrator"/>
      </MatchExpression>
    </IdentitySelector>
  </Selector>
</DynamicScope>

update the Quicklink Populations as per your requirement.

Gear Icon – Global Settings – Quicklink Populations

Follow the steps:

1. Create a DynamicScope through the Quicklink Populations page. Make this scope visible only to System Administrators.

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE DynamicScope PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<DynamicScope created="" id="" name="SysAdmin">
  <Selector>
    <IdentitySelector>
      <MatchExpression>
        <MatchTerm name="capabilities" value="SystemAdministrator"/>
      </MatchExpression>
    </IdentitySelector>
  </Selector>
</DynamicScope>

1. Add this dynamic scope to the quicklink object.

<QuickLinkOptions allowSelf="true">
    <DynamicScopeRef>
      <Reference class="sailpoint.object.DynamicScope" name="SysAdmin"/>
    </DynamicScopeRef>
  </QuickLinkOptions>

Thanks

@harishchappidi_11 -

Below is the high level steps -

1. Create a new Dynamic Scope for System Administrators

• UI: Gear icon → Global Settings → QuickLink Populations → New
• Purpose: select identities that have the System Administrator capability.

image2441×1170 169 KB

You can also import the below xml to create the dynamic scope-

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE DynamicScope PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<DynamicScope name="SystemAdministrators">
  <Description>System Administrators population</Description>
  <Selector>
    <IdentitySelector>
      <MatchExpression>
        <MatchTerm name="capabilities" value="SystemAdministrator"/>
      </MatchExpression>
    </IdentitySelector>
  </Selector>
</DynamicScope>

2. Attach the Dynamic Scope to the QuickLink

• Edit your QuickLink and reference the new scope in QuickLinkOptions.

QuickLink fragment

<QuickLinkOptions allowSelf="true">
  <DynamicScopeRef>
    <Reference class="sailpoint.object.DynamicScope" name="SystemAdministrators"/>
  </DynamicScopeRef>
</QuickLinkOptions>

Only identities included by the SystemAdministrators Dynamic Scope (i.e., those with the SystemAdministrator capability) will be able to access/run this QuickLink.

Let me know in case you have any queries.

Thanks for the Quick solution @Pattabhi Nandarapu

Thanks @Manish Singh for providing the solution.

Hello @Amit Kumar Thanks for the step by step solution, it helped me to fix my QuickLink

Dear @Harikrishna_06
Greetings of the day. please mark one of the comment as solution, for better documentation and it will dis-appear from unresolved topics list.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.