Sailpoint identity Governance getting 403 response when trying to remove users from a specific group
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-23-2023 12:39 PM
When our identity team tries to remove a user from a group from IIQ leaver, they are getting a security ACL error and this is only happening on users who also have an assigned Snow role in IIQ:
sailpoint.connector.InsufficientPermissionException: [InsufficientPermissionException]
[Possible suggestions] Furnish appropriate permissions to the user.
[Error details] Insufficient privileges detected. Status: 403, Output: "Operation Failed", Detail: "ACL Exception Delete Failed due to security constraints", Status: failure
According to the connector docs this is due to roles/permissions for the service account. I checked the user roles and ACL's as well, all the necessary accesses and roles have been provided. There have also been no recent changes made on the SN environment for the roles and ACL's in question.
Has anybody faced a similar issue or can advise on this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-06-2023 05:08 AM
@mahendrarrao, did you get any response on this? I think I'm having the same problem.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-21-2024 07:39 PM
Any word on this? We are going to update our sailpoint governance connector plugin and I am preparing for worst case scenarios.
