"CheckAccess" webservice API call not working correctly for accounts
3 years ago
Originally Published: 2021-03-26
Article Number
000044325
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.2.1 P02
Issue

There is a user HM99541 with multiple AD accounts - HM99541 and TS99541.

User-added image
 

The user has access to AD group "CMHUB -R" through the HM# account.
User-added image

However, the "CheckAccess" API call returns "result=true" when checking for the group access to the TS# account but the "TS#" account does not have that group access

User-added image

Also when an account is locally mapped to one user only

User-added image
the API for checking the group should return false it returns an error instead

User-added image
 

<html>

<head>
	<title>Error</title>
</head>

<body>could not resolve multiple users account for checking group memebership
	Query
	String=cmd=checkAccess&amp;accountBS=Active%20Directory&amp;accountName=Abse1943&amp;entitlementBS=Active%20Directory&amp;token=ws31586405e9d7afd6f6:-3ce0f892:17791a7cc3d:-36f00.4189250509477934&amp;group=grp1
</body>

</html>
Cause
This is a known issue in the following versions.
  • RSA Identity Governance & Lifecycle 7.2.1 P02
Resolution
This issue is resolved in the following versions.
  • RSA Identity Governance & Lifecycle 7.2.0 P09
  • RSA Identity Governance & Lifecycle 7.2.1 P05
  • RSA Identity Governance & Lifecycle 7.5.0 P01
  • RSA Identity Governance & Lifecycle 8.0

Related Articles

Trending Articles

Don't see what you're looking for?