Insufficient privileges error when using the review URL (review_rvw_url) in email RSA Identity Governance and Lifecycle
2 years ago
Originally Published: 2017-02-17
Article Number
000040190
Applies To
RSA Product Set: Identity Governance and Lifecycle 
RSA Version/Condition: 6.9.1+
 
Issue
When clicking Review URL "${review_rvw_url}" in the email body to access the review URL, the reviewer receives an insufficient privileges error in the UI.

Steps to reproduce

  1. Edit the escalation workflow.  This example uses the Reviewer Email Remainder workflow. Add the REVIEW URL ${review_rvw_url} variable.
User-added image
  1. Add the escalation workflow.to the review. Run the review and wait for the escalation to trigger.
User-added image
  1. Check the email which you received from the review.
User-added image
  1. Click on the REVIEW URL from the email body and you will see the error below:
User-added image
Cause
The URL for review_rvw_url variable is generated incorrectly, pointing to a review definition instead of the review result. A reviewer who does not have access to the review definition page will get this error when accessing the URL in the received email.
Resolution
Upgrade to V6.8.1 P25, V6.9.1 P13, 7.0.0 P05 HF 01 or V7.0.1.

Below is the snapshot for the URL FOR REVIEWER and URL FOR MONITOR in the fixed versions.
User-added image

Related Articles

Trending Articles

Don't see what you're looking for?