Hi everyone.
I’m doing a workflow to reject access request that violate our SoD policy. I’ve tried using the sod-violations/predict API call, but I don’t know how can I pass it the id of the identity and the entitlements it must check. I’ve also tried using the Get Access Request Recommendations but I couldn’t get it to work. Do you have any ideas? Is this even possible to do?
Thank you in advance.
Have you validated that your SOD policy is working as intended?
Yes. The policy is working. I’ve tried it with the API and it returns the violation. My problem now is that I don’t know how to pass it the id of the identity and all of the entitlements.
For that I would look at the API response that was returned. And look at the data model of that response and start dot walking to the needed attributes. It might be a case where you will have to make multiple api calls in order to get to the data you are looking for. This may also be a case for Ask An Architect or Expert Services.