Please share any other relevant files that may be required (for example, logs).
[Please insert files here, otherwise delete this section]
Share all details about your problem, including any error messages you may have received.
For delimited file application entitlements, after revoking access due to a policy violation, a manual work item is being generated. Does anyone have insights into how this work item is being triggered?
We need to customize this manual work item, but I am unable to locate any placeholder or configuration setting to handle it. Any guidance would be appreciated!
This rule will be triggered for all type of workitems, whenever workitems are getting generated or opened. So, if you are touching this then be cautious.
Can you let me know, what customization you are planning to do?
@Arpitha1
Yes, the Global Forwarding Rule will be triggered, and we can see the generated work item. However, we prefer not to modify this rule since it might impact performance for every other work item generation.
Our requirement is to generate a separate manual work item for each individual access revocation for a specific team, rather than relying on the default (OOTB) behavior, which generates a single work item for all revoked accesses.
Additionally, once the manual work item is marked as completed, we need to ensure that the corresponding access is removed from the application account automatically.
@deva_sp You can try SQLLoader connector, where you need to write provision rule for record insertion/deletion (to csv) and can use before/after provision rule for manual workitem creation.
Thank you for your response. We cannot use the SQL Loader connector as a solution because we have over 200 disconnected applications, which were intentionally designed this way based on business requirements.
We are looking for a scalable and global approach that can be applied across all these applications rather than handling them individually.
