In the workflow Identity Request Approve I have added a script (size(policyViolations > 0)) and added it to the transition after owner approval step which will send the violation to the security officer approval. However what I noticed is that all the approval items in the request - even non-violating - get sent to the security officer for approval. I have tried the recommendations on Compass which mostly mention to enable workflow splitting, which was tested and didn’t produce the required outcome. So the next thing I would like to try is querying the policyViolations variable which produces the sample results in the included image. Ideally I would like to get the Application and entitlement Value information from this variable. After that I could compare it to the existing approval items to determine what caused the violation. I am looking for the proper beanshell methods to gather this information from the policyViolations variable.
Thanks, Levi