Access Policy Harvesting Steps for Reconciled Entitlements
(Doc ID 2003107.1)
Last updated on MARCH 13, 2019
Applies to:Identity Manager - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
There is an entitlement which is part of an access policy. But a user in OIM gets this entitlement via reconciliation. Then the User is given a OIM Role which is attached to the access policy which provisions the same entitlement. Later when that OIM role is taken away from the user, the access policy evaluation does not remove the entitlement. The entitlement can only be removed via a direct revocation of the entitlement.
How to use access policy harvesting to manage such entitlements which are reconciled so those are managed by the access policy?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!