Generic REST EDC collector not getting the desired results in entitlement relationship in RSA Governance & Lifecycle
2 years ago
Article Number
000071619
Applies To

This is a known issue in the following versions:

  • SecurID Governance & Lifecycle 7.5.2 P01
  • RSA Governance & Lifecycle 8.0
Issue
Using REST entitlement collector app-roles were collected as expected but when collecting the relationship to those app-roles, If the same app-role entitled to more than a user the entitlement relationship will be rejected with the below error:
 
EC[176] Context[RunID=210, EDC(Name=Nuxeo-PreProd2-ViaBoomi-EDC-2, ID=48, APP=)] Message[Entitlement Data Validation: Duplicate User-Entitlement Data.]

Sample JSON data: 
{
    "users": [
        {
            "UserName": "userA",
            "Models": ["ent1"]
        },
        {
            "UserName": "userb",
            "Models": [
               "ent1",
               "ent2"
                      ]
        }
    ]
}


image-2023-11-08-19-08-25-011.png

From the above screenshot:

-"ent2" only entitled to "userb", The relationship will be working as expected.
-"ent1" entitled to both users "usera & userb", It was rejected and existed in the raw-data 4 times.
 
 
Cause
There was an issue with the manner the EDC as entitlement bag collects multiple entitlement for single user which resulted in multiple entries in raw data of entitlement relationships.
 
Resolution
The behavior has been changed in the following versions to collect unique entitlements. 
  • SecurID Governance & Lifecycle 7.5.2 P09
  • RSA Governance & Lifecycle 8.0.0 P01

Related Articles

Trending Articles

Don't see what you're looking for?