Identity & Access Management
Saviynt – Integrations & Enhancements
Document Owner: IAM – BAIN & Co Team
Document Version: 1.0
The content of this document is intended for IBM internal use only. None of this information shall
be divulged to persons other than IBM employees, or individuals or organizations authorized by
IBM in accordance with existing policy regarding release of company information.
________________________________________________________________________
�Table of Contents
Document Control.....................................................................................................................................2
Purpose of this Document.......................................................................................................................2
Who Should Use the Document?...........................................................................................................2
Implementation document for..................................................................................................................3
Generating ticket for Contingent workers 3 days.................................................................................3
before contract expiry...............................................................................................................................3
ContingentWorker_RecoverAssets................................................................................................3
_____________________________________________________________________
1
�Document Control
Summary of Changes
DOCUMENT HISTORY
Revision Revision Review and Nature of
Editors
Date Number Approved By Change
Original
IAM Team 1.0
Document
Purpose of this Document
Steps involved for implementing the solution to generate ticket for contingent workers 3 days
before to their contract expiry
Who Should Use the Document?
This document should be used by:
IBM Identity & Access Management Specialist Saviynt – BAIN.
_____________________________________________________________________
2
� Implementation document for
Generating ticket for Contingent workers 3 days
before contract expiry.
In scope: Contingent works of following types.
OUT_Independent Contractor
OUT_Vendor Contractor
OUT_Agency Contractor
Step1: Creation Detective Technical Rule and run preview mode. If no errors send the rule for
approval.
Rule Name ContingentWorker_RecoverAssets
Rule Description Detective Rule for triggering service now ticket for the recovery of
user assets
Advanced Query ([Link]=1) and ([Link] = '7') and ([Link] in
('OUT_Independent Contractor','OUT_Vendor
Contractor','OUT_Agency Contractor')) and ([Link] <=
adddate(curdate(), 3)) and ([Link] >= curdate())
Action Object Type: Laptop Mgmt
Object: Account
Attribute: Assign
Detective Click on check box
Step2: Create Following job type from Job control panel
Job Name ContingentWorker_Offboarding_Ticket_Creation
Job Type Rune Detective and Take Action
Execute Rules Detective technical Rules
Rule Query [Link]='ContingentWorker_RecoverAssets'
_____________________________________________________________________
3
� Schedule TBD(create schedule between contingenet worker feed and Snow
ticket)
Step3: Backup the existing create ticket Json in the Connection Servicenow and update below
one.
Create Ticket JSON
{
"call":[
{
"name":"call1",
"connection":"userAuth",
"url":"[Link]
"httpMethod":"POST",
"httpParams":"{\"u_user\":\"${user?.username}\",\"u_short_description\":\"$
{((user?.customer?.id==5) && (task?.tasktype==3 || task?.tasktype==6))? 'User On-boarding:
Configure Device' : 'User Off-boarding: Collect Device'}\",\"u_description\":\"$
{((user?.customer?.id==5) && (task?.tasktype==3 || task?.tasktype==6))? 'please contact
user`s manager to confirm device type and software requirements, if necessary. User must
receive all physical assets prior to their start date of
'+user?.[Link]().substring(0,10)+' if onboarding remotely. User`s eCode is
'+user?.username : 'User`s Last day of employment is
'+user?.[Link]().substring(0,10)+'. Please co-ordinate with the user to return their
equipment on or before their last day. User`s eCode is
'+user?.username}\",\"u_correlation_id\":\"$
{task?.id}\",\"u_correlation_display\":\"IGA\",\"u_category\": \"$
{((user?.customer?.id==5)&&(task?.tasktype==3 || task?.tasktype==6))? 'User onboarding' :
'User offboarding'}\",\"u_due_date\":\"${((user?.customer?.id==5) && (task?.tasktype==3 ||
task?.tasktype==6))? new [Link]('yyyy-MM-dd
HH:mm:ss').format(user?.startdate) : new [Link]('yyyy-MM-dd
HH:mm:ss').format(user?.enddate)}\"}",
"httpHeaders":{
"Authorization":"${access_token}"
_____________________________________________________________________
4
� },
"httpContentType":"application/json",
"ticketidPath":"result.display_value",
"unsuccessResponses":{
"message":""
}
}
]
}
Step4: Create Following Job for updating the laptop Mgmt Account status for contingent
workers after ticket is closed.
Job Name HouseKeeping_ContingnetWorkers_AttributesChanges
Job Type Execute Extension Queries
Query update accounts a
INNER JOIN user_accounts ua ON [Link]=[Link]
INNER JOIN users u ON [Link] = [Link]
set [Link] = 'SUSPENDED FROM IMPORT SERVICE', [Link] =
CONCAT([Link],'-Manually-
suspended-',DATE_FORMAT(curdate(), '%Y-%m-%d'))
where [Link] ='4' and [Link] ='7' and [Link] not like
'SUSPENDED FROM IMPORT SERVICE';
UPDATE users set customproperty31 = '3daysremindersent' where
date_format(enddate, '%Y-%m-%d') <= date_add(curdate(),interval
3 day) and date_format(enddate, '%Y-%m-%d') >= curdate() and
customer ='7';
UPDATE users set customproperty31 = '' where
date_format(enddate, '%Y-%m-%d') < curdate() and customer = '7'
and statuskey='0'
Schedule TBD(Run this job after contingent worker HR feed runs)
_____________________________________________________________________
5
�_____________________________________________________________________
