Skip to Content

IdM & GRC Provisioning


We have setup IdM and GRC using a Centralized provisioning approach with a result polling option.

When I assign the first role to a new user, I do not want this request to go to GRC-AC for risk analysis. Since there will be only one role, it does not make sense for the request to go to GRC-AC. I know this is possible as I have seen a demonstration in an SAP TechEd 2010.

Any suggestions ?



Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • Best Answer
    avatar image
    Former Member
    Mar 18, 2013 at 03:37 AM

    You could do a switch task based on the number of roles being assigned and currently assigned.

    I don't have a machine in front of me but something like:

    select count(mcothermskey) from idmv_vallink_basic where mcthismskey = %MSKEY%.

    Case 0

    Case Else

    You'll probably also want to count the current pending objects as you'll want to send it to GRC if more then one is being assigned at the same time.


    Add comment
    10|10000 characters needed characters exceeded