Manage user Access Search limitation

Hi Team,

The Find Users functionality should filter and display users according to defined identity attributes, allowing only authorized or relevant users to appear in the results. Can you please provide suggestions on this?

Could you please elaborate on what exactly your requirement is? Maybe with an example.

Hi @sureshbomm

Find Users Access is dependent on the Dynamic Scoping. You can achieve this based on the setting of “Who can members request for?” on your respective quick link population. Only the members that can be requested for will be made visible for Find Users Access too.

Regards,
Uday Kilambi

Can you please share the steps for better understanding?

Sure, here is how it can be done to set up your quick link population:

  1. Global Settings → Quicklink Populations
  2. Choose the right population. If Request Access is enabled in your case for the population everyone, you can choose Everyone Quicklink population.
  3. Navigate to the option “Who can members request for?” and select “Specific Users” in the options.
  4. Define the logic to identify the “Specific Users” case; there are multiple approaches available, and more than one can be selected. In the example below, I configured it to match the users who share the same manager as the requester; it can be done similarly for other attributes as well.

Here is detailed documentation about the quicklink configuration:

Hi @uday_kilambi, thanks for the information. I have tried it, but I’m getting an exception like the one below, and I can see an extra option.

“Recommended for you” is shown if you have AI-Driven Identity Security enabled.

But, getting back to your original question, are you able to see only the scoped users for “Find Users Access”? The error you added might be something related to the Match Filter rule you configured.

We have an exactly similar situation, where the scoping is defined through a rule and Find User Access shows exactly the users as needed.

It is not working as expected; I can see all users.

Filter filter = Filter.and(
    Filter.ne("status", "terminated"),
    Filter.eq("department", "security"),
    Filter.notNull("department"),
    Filter.ne("department", "")
);

return filter;

Did you ensure that these users are excluded from other quicklink populations which may have everyone as the criteria?

Yes, I have excluded remaining quicklinks

If your goal is to find active employees in the Security department, you can simplify the script significantly:

import sailpoint.object.Filter;

Filter filter = Filter.and(
    Filter.ne("status", "terminated"),
    Filter.eq("department", "security")
);


return filter;

In my test environment I have tested with the filter below; it is working as expected.

import sailpoint.object.Filter;

Filter filter = Filter.and(
    Filter.ne("status", "Employee"),
    Filter.eq("department", "Accounting")
);

return filter;

A couple of screenshots for your reference.

The filter will result in 12 users.

When I try to raise a request for Douglas.Flores, he belongs to the Employee department.

It shows 12 (above filter) + 1 user (logged-in user).

Selected Douglas.Flores – Find Users’ Access listed only 12 users, as expected.
