Issue with Web service application onboarding

Hi All,

Recently we have onboarded one we services application the connection with application(test connection) is successful and Aggregation is successful, we are preview the roles and able to seen those roles in entitlement catalog.

Problem is we are not able see those roles from manage access, If i select filter as entitlement application at that time able to see those entitlement, when I’m selecting with the role application at that time not able to find those role.

For that we need perform any additional steps?

Thanks,
Shubham Gutte

Hey @GutteStolt ,

Could you capture a screenshot of both the filters you’re applying and post it here?

Hello @zeel_sinojia
Please see the below snapshot


You’re probably confusing the naming of the filters.

And individual access items from an application is called entitlements. So when you apply the filter “Entitlement Application”, it will fetch the access items from that application only.

Each application might have this access items named as differently, i.e., roles, groups, units etc. Generic name in SailPoint is entitlement.

Roles in SailPoint would be combination of different accesses. These can be created from Setup > Roles.

No matter what application you onboard to SailPoint and whatever name those applications gives to their access items, you would be able to filter the accesses using “Entitlement Application”.

Hello @zeel_sinojia

Thanks for the response.

If you can see in the below snapshot that is another application for that is can see the type role
image

Thanks,
Shubham Gutte

I am sorry I didn’t get you.

  • What filters have you applied to get this result?
  • Are you saying the application name you added into the filter is not same as these Role’s source application?

I have applied the same filter on other application. For that a can see the result The type is role. The entitlements that IIQ reads through the connector. We don’t use these for submitting requests or assigning them to users?, instead we assign the IT roles?

Thanks

  1. You could see accesses of type Role for another application. That is a totally valid case, that application will have Roles configured for it, whereas your application doesn’t have any roles. So none are showing up for your app.
  2. The entitlements read by IIQ can be assigned to the user.

Do one thing, apply the filter over Entitlement Source and see if you are able to see your roles/entitlements for your app.

Secondly, go to Setup > Roles > Role Search and under Filter by: Profile, add the application name where you could see the access items with type “Role” on Manager User Access screen.

See if the same roles are popping up here as well.

Hi @GutteStolt,

Is there a business role defined for this web service application? If so, please ensure that the business role is not disabled. If it still doesn’t appear, run the “Full Text Index Refresh” task and check again.

what you see in the entitlement catalog consists of entitlements, not roles.

Regards,
Arun

Hi All,

The issue fix now i can those in role in mange user. The problem is in Global Settings > Role Configuration > Role Types as IT Roles: No manual assignment
I have unchecked this option previously this is checked that’s why we are not able to see those roles in the Manage user access.

Thanks,
Shubham

1 Like