Request forms for adding user access allow the selection of entitlements already granted indirectly in RSA Identity Governance & Lifecycle
Originally Published: 2019-07-17
Article Number
Applies To
RSA Version/Condition: 7.0.2, 7.1.0, 7.1.1
Issue
In the following example, user Rita Book belongs to group Engineering Management. As a member of Engineering Management, user Rita Book has inherited two indirect entitlements (Bugzilla Administrator and SCM Manager.) Because Rita Book already has these two entitlements, it is expected that any request to add additional access to this user will not include these two entitlements. However, when adding access to this user through either a Global or Application Request Form, these two entitlements are available for selection.
The Engineering Management Group Access tab shows the group has two direct entitlements:
Rita Book's User Access tab shows she has these two entitlements as indirect entitlements via the Engineering Management group:
When requesting additional access for Rita Book, these two entitlements incorrectly display on the Access Request Form for selection:
Cause
Resolution
- RSA Identity Governance & Lifecycle 7.0.2 P14
- RSA Identity Governance & Lifecycle 7.1.0 P07
- RSA Identity Governance & Lifecycle 7.1.1 P02
