Insufficient privileges error when using the review URL (review_rvw_url) in email RSA Identity Governance and Lifecycle

3 years ago

Originally Published: 2017-02-17

Article Number

000040190

Applies To

RSA Product Set: Identity Governance and Lifecycle
RSA Version/Condition: 6.9.1+

Issue

When clicking Review URL "${review_rvw_url}" in the email body to access the review URL, the reviewer receives an insufficient privileges error in the UI.

Steps to reproduce

Edit the escalation workflow. This example uses the Reviewer Email Remainder workflow. Add the REVIEW URL ${review_rvw_url} variable.

Add the escalation workflow.to the review. Run the review and wait for the escalation to trigger.

Check the email which you received from the review.

Click on the REVIEW URL from the email body and you will see the error below:

Cause

The URL for review_rvw_url variable is generated incorrectly, pointing to a review definition instead of the review result. A reviewer who does not have access to the review definition page will get this error when accessing the URL in the received email.

Resolution

Upgrade to V6.8.1 P25, V6.9.1 P13, 7.0.0 P05 HF 01 or V7.0.1.

Below is the snapshot for the URL FOR REVIEWER and URL FOR MONITOR in the fixed versions.

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Steps to reproduce

Related Articles

Trending Articles