Hi @colin_mckibben , as per our observation so far, we see the same behavior as you mentioned in the two scenarios we tested
Consider, we have configured an SoD policy with two conflicting roles A & B
Scenario1: Submitted an access request for a user for role A. User doesn’t have any conflicting role.
Scenario2: Now, user has role A and submitted an access request for a conflicting access which is role B.
In scenario2, our expectation is that there should be SoD violation detected.
However, for the above 2 scenarios, we see the same behavior.