We have created a role with direct entitlement (i.e. not included any access profile) without any assignment criteria. There are 10 users having this entitlement as a part of the application. So we are expecting those 10 users should have this role assigned to them.
But when we execute search query @access(displayName:“<Role_Name>”) no identity is coming up and if we run query as @access(displayName:“<entitlement_Name>”) all 10 users are showing up.
Also, in Access Model → Role → when we search with role name, it shows identities as 0.
Does this mean that, even users have all the entitlements of the role that role will not be assigned to user automatically?
Yes, roles will not automatically assigned to the identities. ISC roles are assigned role and not detected, only access profiles are detected. So, you might need to add roles on identity via access request or via API
Yes, Roles won’t be detected like access profiles we need to assign it, if you don’t assign it via standard criteria, you may use Identity List option to assign it manually.