Hi everyone,
The user have both Business & multiple IT roles(from multiple applications)
Case 1. adding one more IT role to the Business role
Case 2. remove existing IT role from Business
Case 3. Deleting business Role from ui
What was impact on user for above cases,
Let’s break down the impact on the user for each of these cases:
When you add an IT role to a Business role, the user will receive the entitlements associated with the new IT role. This means:
Provisioning: The user will be provisioned with the new access rights and permissions defined by the added IT role
Access Changes: The user’s access to applications and resources will be updated to include the new entitlements
Certification: During access reviews, the new entitlements will be included in the certification process
Removing an IT role from a Business role will have the following impact:
De-provisioning: The entitlements associated with the removed IT role will be revoked from the user
Access Reduction: The user’s access to applications and resources will be reduced accordingly
Identity Refresh: The Identity Refresh task will update the user’s profile to reflect the removal of the entitlements
Deleting a Business role from the UI will impact the user as follows:
Role Removal: The Business role will be removed from the user’s profile
Entitlement Revocation: The entitlements linked to the Business role will be revoked
Propagation: Running the Role Propagation task will ensure that all entitlements associated with the deleted Business role are removed from the user’s accounts
If you need more detailed guidance or troubleshooting, feel free to ask! Is there a specific scenario you’re dealing with right now?
Thank you @kannan_sb85
I have run identity refresh task, after removing it role from business role, but user still have IT role and account, so where I need to need to check
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.