Search Identites Based on Manager Attributes

I am trying to schedule a manager access review. One of the requirements id that if the reviewer is director or above, it should be assigned to a particular person. As I could not find any appropriate solution to automate this, I thought we will split it into two access reviews - one with managers director and above and another with managers that are not director and above. But it seems that search query can’t be written based on manager attributes. e.g. I tried manager.attributes.departmentName:“Testing” and it did not work. Can someone please confirm if it is even possible and if so how?

Hi Gaurav,

See if this link helps:

You could do a search based certification campaign.
Certification Campaigns >> New Campaign >> Idenitites >> All identities returned by a query >> isManager:true

Hope this helps!

Hi @gaurav_jain,

You can use search query only on these manager attributes -,manager.displayName and as these are the only second level fields available. See the below documentation for further info.

The solution would be to make use of an Identity transform and map the manager’s department value to the user (Say with an attribute name - managerdepartmentName).

The transform would look like this :

    "name": "Manager_Department",
    "type": "rule",
    "attributes": {
        "name": "Cloud Services Deployment Utility",
        "operation": "getReferenceIdentityAttribute",
        "uid": "manager",
        "attributeName": "department"
    "internal": false

Once this is done, you can make use of the search query to find all users with the required manager dept value.


Here is the documentation on the transform :

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.