1 of 100

3.1.6 Getting Started

What is Cymmetri?

Cymmetri is a Converged Identity & Access Management Platform and a well-trusted platform acting as an advisor and an end-to-end partner for Security-aware teams looking to deploy Identity and Access Management Solutions across their organization.

We offer an industry-standard product backed by a strong team that always aims to innovate our solutions to cater to a wide variety of enterprise needs.

Release Notes

3.0.1-Beta

Version: cloud_3.0.1-beta product release

Date: 03 November 2023

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

New Features

Policy Map Datatype Converter
- Added standard converter to convert ldap profile picture.
- Added standard converter to encrypt & decrypt data.
Sample Fields For Active Directory

Decision Engine Restart Scheduler
- Added scheduler which will run on every hour and process stuck decisions.
Audit JMS Queue added in following services
- cymmetri-microservices-authPolicy
- cymmetri-microservices-mfa
- cymmetri-microservices-notification
- cymmetri-microservices-provisionEngine
- cymmetri-microservices-registration
- cymmetri-microservices-ruleEngine
- cymmetri-microservices-selfservice
- cymmetri-microservices-usermanagment
- cymmetri-microservices-workflow
- IG
- cymmetri-microservices-sodengine
- cymmetri-microservices-pam
- cymmetri-microservices-analytics
UI/UX Changes
- Show Cymmetri Verify app link on push/fido registration screens.-Rejected for the selfservice app
Cymmetri Verify App update (v5.9.1)
Cymmetri Verify App update (v5.9.2)
Cymmetri Verify App update (v5.9.3)
- Display a message to indicate the action being performed
Restructured bulk user import for performance
Notification Global Config
- Notification categories in two types i] Mandatory ii] Optional.
- Notification Global Config applicable for only optional type of notification.

Fixes

Cymmetri Verify- When exporting TOTP users password is accepting all digits/values as alphabets/number when it should have accepted alphanumeric values
Cymmetri Verify | IOS | Face ID being asked infinitely
Cymmetri Verify app- Showing duplicate records when imported from other device
Cymmetri Verify app- Search functionality is not working when users imported from different device
Cymmetri Verify- Show password when clicked and file is exported, then again export file same password is visible with no masking(password is visible)
Cymmetri Verify | IOS | Unable to import backup file
Cymmetri Verify | IOS | Face ID not supported error
Cymmetri Verify | Account details not updated on adding/removing push/fido
Cymmetri Verify | IOS | Not internet error
Application getting repeated within different pages of application list
My workspace>Access Review>IG>Managed - When all the checkbox of Info field are disabled, then title checkbox should also be disabled
User - Application - Group name should be displayed
Audit-Audit with device filter not working
Vaulting Configuration- Test connection audit not present
Notification Template- User is not receiving mail for reset password
Login-Showing incorrect validation message and asking user to reset password again
Onboarding flow | Additional details not accepting other country mobile number
Recon history- provide search
Tenant Registration- Domain is not visible
Register tenant- Country dropdown is showing no option instead of countries list
Application - Tag - Already created tags present in application are not getting displayed in grid page.
Partner Portal- Showing invalid argument but not able to understand exact which field is invalid
- Admin Portal- Top search not working
- Admin Portal- Get Started link not working
- Admin Portal- Company name and company code should get trim
Fido Authentication- User is not able to authenticate via FIDO in first time, user need to kill app or refresh inorder to register device

Known Bug

Manager notification : receiving user name required manager name
Multi-role assignment with form,then form adding repeatedly for each role, expected only one form should bethere
Fido - Push/fido not getting removed from mobile app
Password converter only accepted encrypted value . it should also accept user's editable value

3.0.2-Beta

Version: cloud_3.0.2-beta product release

Date: 01 December 2023

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

New Features

User management service restructured.
PAM - Sub domain added in Authentication Parameter
UI/UX Improvements:
- Show username in user selection dropdown menus
- Show Cymmetri Verify app link on MFA TOTP Registration and App MFA TOTP, Push, Fido
- Show message when cookies are disabled on browser
- Cymmetri Verify App update (v5.10)
  - App drawer, header and lock screen UI improvements
  - Search box moved to header
  - Show search history
  - Haptic feedback on TOTP code press
Cymmetri Verify App Hotfix (v5.10.1)
Introduced spring expression language in SAML.
In Multifactor otp config we can't disable both email otp and sms otp. At least one should be active.
Group Provisioning
Cymmetri Mobile App update (v1.5)
- Added QR code self registration for TOTP, Push and FIDO
- Added TOTP self verification eliminating need for finding and copying TOTP from cymmetri Verify app for the login
- Added App lock with biometric in the app

Fixes

Forgot password-User is not receiving email notification
Workflow description spelling correction
Workflow on unassignment-On role unassignment, if any workflow already trigger then message should be shown
Manage view- for converter used parameter not showing
Application-date converter, recon pull getting stuck
Workspace | click search box creates Ul glitch
Login with Read only user- Configuration> Syslog configuration- Configuration should be gray out and should not be editable
Configuration>User decommission config- Add a short description specifying functionality (Title)
MFA- Rename SMS Authenticator to OTP Verification
Configuration>Master>Zone>Gateway IP- Sorting is not working
Configuration>Master>Global>Value- Sorting is not working
Configuration>Master>Zone>Name- Sorting is not working
User Onboarding| Contact info details not accepting other country mobile number
Delegation- Successful Validation message should be shown after user is assigned
Time-based role assigned application- Time based Application is not getting deleted after time period is completed when role is assigned
Configuration>Master>Zone- Showing old zone data when creating new zone
My workspace>Access Review>IG>Managed - When all the checkbox of Info field are disabled, then title checkbox should also be disabled
Provision- When user is trying to create new role, role is not getting added neither validation message is shown
Cymmetri Verify - IOS - Push/FIDO Verification screen not shown when app opened through its notification
Cymmetri Verify - App protection not working
Self service app- User when trying to login on self service app having Fido authentication On, user is redirected to Play store but see in play store app is not clickable
Cymmetri Verify - Same day exported file - with file count attached to the name is reported as invalid file
Application provisioning MFA- When max TOTP/OTP/Secret Question invalid answers limit exceeds, it should show validation message and should be redirected to login page.
Application Role workflow- User is applying workflow for specific role but non workflow as signed role is also not getting assigned
Update user import sample file
usersrvc/api/user/dropdownList- in above path, for create workflow in bulk
when we create in bulk it is showing out of memory
Global Notification disable-by default it is off
Notification template- Global Notification for OTP is off still logs is showing mail sent(True)
Campaign with group-Campaign getting aborted
Multi-role assignment with form, then form adding repeatedly for each role, expected only one form should be there
Deprovision rule- User is not getting suspended when end date is applied at the time of user creation
Users Import- User name, Login should get trim if space is included while importing user
Identity Hub> User session- User session is not getting terminated even after revoking users session button is clicked

Known Bugs

Manager notification: receiving user name required manager name
AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)

3.0.3-Beta

Version: cloud_3.0.3-beta product release

Date: 15 December 2023

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

New Features

WebAuthn passwordless authentication (It only works for chrome, safari, edge on desktop and chrome and edge on mobile) - EXPERIMENTAL
Onbehalf Configuration
- Default onbehalf configuration
- Rule engine support to create custom configuration.
- Display the OnBehalf menu in self-service according to the logged-in user's matching custom/default configuration.
- Below menu operations supported
  - User Application View,
    Assign Application
    Assign Role
    Unassign Application
    Unassign Role
  - User Groups View
    Assign Group
    Unassign Group
- Group Provisioning Enhancement
- Policy map datatype converter Enhancement
  - Converter support added in custom attribute
  - Configuration support added for custom attribute converters
  - Encryption added for Custom attribute password converter value of user
- - Bug fixes
- - Bug fixes
  - Added self verification support for forgot password, App MFA, server MFA, and passwordless
- Global module search feature (Ctrl+K)
- Groups list pagination in user details
- Connector
  - Oracle HCM
- PAM
  - AD seperated from the Cymmetri
- Group - View Attribute - Showing list of CN of members of remote group

Fixes

Workflow for time-based role application- Audit log should show action not supported me ssage if lifetime application is changed to time base from approver end.
Recon Link for both exist- When updating group after linking showing custom attribute error
Multi node-Application assign with role, all user getting assigned but still import showing in progress
AD group count mismatch-In AD total 1278 group but in pull it is showing 1260
Application Group- Pagination should be applied for group provision page
AD application push- Group should not be updated when update checkbox in policy map is unchecked
AD Recon Push- When all policy attribute are false, group creation should show error.
AD Application Pull- When all policy attribute are set to false, group creation should show error
AD-Policymap_memberOf need to be default false for old tenants
Browser specific-On Mozilla browser OTP verification is not proper
Login with Domain Admin- Manager assignments should not be greyed out
Import completed file show end time
Policymap-group(pull/push)-if attributes are inactive then this should not be reflected under dropdown
PAM-Sign on Policy- Policy should not get activated unless MFA factor is selected.
Audit-Configuration-OTP-For check uncheck Send OTP on,audit should be present
AD application- Should show error message when description is user principal
Self service-Read auto MFA considering camel cases
Cymmetri Verify app- Cymmetri mobile app is not able to fetch TOTP from verify app if the re are more than 20 TOTP users
Users Managed View- Managed view should get blank for those application not supporting this operation
Configuration>Master>Browser Tab text is not correct
Workflow- Close button in Users details pop up box should be enlarged (currently not visible properly)
Branding-Should show proper validation message on UI
Version-provisionsrvc showing two times
PAM> SignOn Policy- Discard button is not working
Identity Hub> Users: Others field details are not visible on user display page on editing profile
Cymmetri app(selfservice)-Auto read MFA-when Cymmetri verify app having App protection is enabled then also it is reading,bypassing app protection
Cymmetri Verify - Google Authenticator Import TOTP timer not running
Cymmetri Verify - MFA Push Registration fails
Cymmetri Verify - App crashing on Samsung fold phone
SAML-Expression-restrict to show id
SAML-Expression-if user don't have data and fetching data then no message showing on UI
SAML Key:- Not able to understand why validation message is showing invalid arguments
Delegation- Session getting expired even after refreshing token continuously
External idp login showing error
SAML-User is not able to download metadata, showing 500 internal server error
API SSO validateToken API only validate the auth_key parameter
Password converter only accepted encrypted value. it should also accept user's editable va lue
Identity Hub>Group: Grey out Group name field for remote groups as user cannot edit name

Known Bugs

Manager notification: receiving user name required manager name
AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)
Application getting assigned from UI. If it is failed.
Group-Custom Attributes not getting updated in group while assigning user to the group manually

3.0.4-Beta

Version: cloud_3.0.4-beta product release

Date: 03 January 2024

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

New Features

Connector
- Darwinbox
- SuccessFactor
Cymmetri Verify now supports webauthn QR code scanning from mobile in case mobile camera doesn't support QR scanning
Persistent Form Enhancement
- Added Form submission support on Role assignment.
- Added Form submission support on Role unassignment.
- Added configuration to enable/ isable form submission on role assignment and unassignment.
Policy Map Data Type Converters
- Added support to input pattern of date of target system.
- Added support to convert date & date time of target system using mentioned pattern.
PAM
- Download AD Certificate
Passwordless Login Flow Enhancement.- Now tere is MFA registartion is optional in login
Lock user on mfa failed Attempt.
- Added configuration for mfaattempt, coooldown period.

Fixes

Reset password OTP- Max limit validation message should be displayed if 3 invalid otp are provided
For the newly created tenant configuration showing error
For newly created tenant notification template not loading
Time-based/Normal Application- When deprovisioning time-based application or successf ully assigned application is going into failed state showing null pointer exception
Selfservice-Behalf-User-Group-Group is already assigned then also it is again available for t he assignment
Selfservice-Team-User-Group-Group is already assigned then also it is again available for t he assignment
Group-Custom Attributes not getting updated in group while assigning user to the group manually
Provision Rule- User need to refresh page when adding/updating application role condition
Recon pull with AD-For default data related to date it is not working
ctrl+K search -add MFA rule not present
Partner portal-Add customer with domain-for domain field validation should be as per the normal registration
Cymmetri verify App(Selfservice(-Need to handle auto register flow in the application MFA
App Auth does not work when verify app in closed state
ios 17.2 Auto Auth not working
ctrl+k search-Read only user redirecting on add form
SAML-Expression-Provide sample on i icon
PAM- Rename server to device
Login with PAM Read Access Admin-PAM>Devices>Setting: User is able to edit complete p age details and showing processing validation message when clicked on save button
User not getting deleted from AD when assign in AD
Recon-Pull-Group, for one user having 900 groups, then under recon history showing error,same vice versa one group multiple users
Take pull from AD- User having remote group present in AD
When password is expired and the user is trying to change password then it is not adhering password policy, accepting same old password
SAML-Regular expression-if user entity not exist and doing SSO then in audit data should be present
Identity Hub- Group: Validation message should be shown when clicked on assign group button
Identity Hub >User: Custom attribute dropdown is not completely visible
Custom Attribute Import- When password attribute is imported via csv file then password should be visible in encrypted form in user details
Custom attribute Import via API EXT- Password should be encrypted form when imported
Application MFA- Showing routes issue when accessing application
Not able to login on partner portal via admin login
Route issue-On click configuration tab
On Behalf- Route issue
Import> Download sample file- showing route error
Browser cookies disable-end user-facing difficulty
Calendar: Resolution specific> Calendar Ul is getting glitched at 75% 80% 90% zoom
Identity Hub-Users: User should not be able to assign application again if already is assigned.
Teams-Add user showing unknown error
Inbox showing unknown error
Teams-User list not showing
Application Recon- When user is trying to Pull users from database and if pin code is blank, then default set value should have been taken
Authentication> Auth rule- Showing Rulesrvc not found validation message
Policy map update-on save showing error
Hide this /disable button when script is enabled
MFA- Rename SMS Authenticator to OTP Verification
Application getting assigned from UI. If it is failed.

Known Bugs

Manager notification: receiving user name required manager name
AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)
Workflow initiated for form but form is getting updated without workflow approval.

3.0.5-Beta

Version: cloud_3.0.5-beta product release

Date: 12 January 2024

3.0.6-Beta

Version: cloud_3.0.1-beta product release

Date: 30 January 2024

New Features

Provision Rule Revamp:
1. Restructure Provision rule condition configuration
  - Provide support single condition and group condition in condition config.
  - Provide Operator support like Equal and Not Equal.
  - Provide AND , OR Operator support for multiple condition in provision rule condition config
2. Group provision Support
  - Add group in provision rule. (only local group)
3. Old provision rule migration
  - If old rule without condition mark as inactive.
  - if old rule without application also mark as inactive.
UI/UX Changes:
- Application profile and group mapping in SAML SSO
- SAML Service Provider - Restructuring and provide defaults
Deprovision Rule support for user delete (if no application assign)
SSO -SAML
- SSO-group policy Mapping -- SSO SAML.
- SSO-added nameFormat in profileMapping and groupMapping -- SSO SAML.
- SSO-added digest algorithm method.
- SSO-added list support for profile mapping.
Mfa Attempt Enhancement(Old behaviour when admin locks the user then user should not able to unlock from selfservice now he/she can able to unlock yourself)
- user can unlock if admin locked the user
- invalid mfa will permanently lock the user, user can unlock account after mfa cooldown period is completed.
- admin can unlock the user which will unlock the mfa as will
UserType Master Support in User Creation and Updation.

Fixes

Provision Rule- Rule is not getting applied if previous provision rule is deleted.
Group- Search functionality is not working
Not getting form values in the target application when Form updated, role assigned and role unassign
Self service app- Increase spacing
Notification bell icon- When notification is empty, mark read and delete option should not be clickable
Cymmetri self service app- When clicked on groups or application from on behalf tab, it is redirecting to dashboard page
User Onboarding| Contact info details not accepting other country mobile number
Cymmetri Verify app- For long tenant name timer clock is not visible
Group-Attribute detail-provide search
Android Heads Up Notification now will display notification upfront which earlier required from user to turn on from the Notifications Settings (Float Notification)
Notification template-correct spell for delegation
Deleted user login-on forgot password this user should be validated and restrict,currently showing error-Please try again
SAML-On clicking validate regular expression should show data message which is available in backend
Ctrl+K: Search filter is showing records for all the letters mentioned
If the admin lock the user, then the user should be able self unlock by forgot password flow
Audit- Audit log should shows role specific logs for role assignments/ unassignments
Self Service: Access review- Validation message is not complete it is getting cut
Registration- Showing processing please wait validation message after registering user and without any setup if user is clicking logout
Self service app-On behalf: When clicked on application/groups from dropdown mobile keyboard is getting displayed and due to that applications/ groups visibility is less
Not getting form values in the target application when form updated, role assigned and role unassign

Known Bugs

Manager notification: receiving user name required manager name
AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)
Workflow initiated for form but form is getting updated without workflow approval.

3.0.7-Beta

Version: cloud_3.0.1-beta product release

Date: 09 February 2024

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

New Features

PAM SUDO SU feature for linux server.(For SUDO SU shortcut key Ctrl+Shift+E)
SAML Assertion Preview
Encrypt saml response
ETL
- Custom Create user in AD API with unboundid library
- Custom user assign to group in AD API with unboundid library
Configurable UI Info and Actions:
1. Hide "Reset / Unlock User"
2. Hide "Login Help Page Link"
3. Configure "Login Help Page Link"
4. Hide "IP Address"
5. Hide "Self-Service App Links"
Login Help page external link updated
Cymmetri Verify
1. Firebase version upgradation
2. A troubleshoot page provided if FCM token is missing
SSO UI migration
Made Gateway IPs and Proxy IPs non mandatory on the Masters -Zone page. Only Name and CIDR fields will be mandatory.

Fixes

Default delegation consents do not convey responsibility of delegator or delegatee
Self service app- On behalf: When clicked on application/groups from dropdown mobile keyboard is getting displayed and due to that applications/ groups visibility is less
Provision rule-On click save showing error,without condition
Configurations-general-config-Rename message for User Decommission Config
Label update for suspend config
Provision Rule; Groups/Application- If user is selecting any local group in first field then second field is greyed out not showing other local groups
Notification content should not be hardcoded
Remove trailing slash from selfservice endpoint
Error handling for product Webhook custom error
Application SSO-attribute mapping-without selecting Cymmetri Attribute save button should not be enable, as this is mandatory field

Known Bugs

Manager notification: receiving user name required manager name
AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)
Workflow initiated for form but form is getting updated without workflow approval.

3.0.8-Beta

Version: cloud_3.0.1-beta product release

Date: 23 February 2024

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

New Features

UI/UX Changes:
- Skeleton loaders - Improved loading indicators
- Filter enhancement for Users and Application pages - Now filter persists the data once go in the detail page and come back also an indicator to show how many filters or any filters are applied
- Branding changes - Now the preview of branding will be on scroll for better UX , "should help icon be shown " field would highlight the help icon
Mfa attempt Admin User lock
1. Mfa attempt config added in global auth policy
2. Self-unlock flag to unlock the user during admin lock the user
3. Email for invalid mfa attempt
Service Provider (SP) Initiated SAML Single Logout
Secret Questions verification changed
- Earlier it used to show all question and mandate user to fill all the configured questions . Now it will only ask user to show dropdown multiple times configured by admin for minimum correct answers.
SBI VAPT :
1. Encrypt 'login' in some public api same as password encrypted. Following APIs are changed:
  1. validateIdentity api : on login page validateIdentity api change get type to post and in request body login encrypted value pass.
  2. token api : on login page token api login encrypted value pass.

Fixes

API Integration for passwordless flow reset password
Workflow- For user list workflow approver, user is showing in list dropdown but in pending workflow it is showing empty.
Application- Application name should be unique
Applications Group mapping- Change the validation message as only one group can be added in group mapping/ disable the add attribute button after 1st group mapping is done
AD application Recon- When importing users via recon having provision rule assigned for User creation with condition, then showing error in recon history and again after executing run now command then user is getting imported but going in Ignore case.
AD Application recon- When workflow is applied for User creation having condition applied(Department=Accounts), and user is imported via recon, recon history is showing user assigned but when searched In identity hub-Users, showing user not found.
Notification Template- Showing processing please wait message when trying to click toggle button
Provision Rule- User should not be able to save provision rule without adding applications/groups
SBI VAPT || Testing and changes for SBI as well as product
Application SSO- Label change to update
My workspace>Inbox- User details popup box should not be displayed when user is deleted from admin account after initiating workflow
Deprovision- Remove Exclusion Applications field
Delegation account- Change label from Delegate Session Active to Delegate Session Information
Users> Applications- Total number of applications assigned should be shown in user account
User: Menu Action- There should be sync event toggle button while marking user inactive in user menu as available while marking inactive from user setting tab
Policy attribute- When removing policy attribute, that field is not getting removed also it is visible in policy map application field dropdown
Identity Hub> Users- Users should be searched on basis of Usertype as well
User Creation Workflow- When clicked on the cancel button on the workflow preference popup box, it should remain on the user creation page. For now it is cancelling the whole process
Application> SSO>Configuration>Edit configuration- UI for logos and name is not proper
Application SSO> Configuration- Marked button should be disabled until service provider is selected
Branding- Change label as both the fields are sounding similar
Branding- Preview is not available after changing setting
Branding- Add a short note/sample file for default help link when show help button is Yes
User Filter- Reset button should reset all the filters applied and load complete data
Self Service App>Managed access- Fields on right side should be slightly moved to left as in mobile it is not visible properly
Application Audit logs- Applications are getting updated when password reset is performed for users.
Selfservice app-MAX MFA attempt message is not readable
Self Service mobile app: Application- Application Tag is not visible when clicked on move to tag option at first time and later on option is continuously visible
My workspace> Inbox- Starred requests are not getting saved in starred folder
Exclude application > delegation- When any application is added in tag and excluded by delegator, then should not be visible in delegatee account
My workspace: Application- One application should be assigned/moved to one tag only
Teams Configuration- Showing route issue when saving new teams configuration

Known Bugs

Manager notification: receiving user name required manager name
AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)
Workflow initiated for form but form is getting updated without workflow approval.

3.0.9-Beta

Version: cloud_3.0.1-beta product release

Date: 03 November 2023

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

New Features

Provide show to user flag support in Application Setting .
- Application Setting
  - show to user
    If flag is off,then hide application from my access ➝ assigned application.
    Delegation : If flag is off,then hide application from Delegation ➝ my access ➝ assigned application.
  - user can request
    If flag is off,then hide application from my access ➝ request for assign application.
    If flag is off, then hide application from On-behalf ➝ users ➝ request for assign application.
    Delegation : If flag is off, then hide application from Delegation ➝ On-behalf ➝ users ➝ request for assign application.
Framework Upgrade: Java based services are updated for spring framework, spring boot, also updated utility libraries. Please note it may have impact on several functionalities.
MFA attempt Admin User lock
- MFA attempt config added in global auth policy
- Self unlock flag to unlock the user during admin lock the user
Token Rolling period : Token start period should start before current server time.
Passwordless reset password : When password is required to be changed then user is forced to change password during login using passwordless.
Bearer Token subject is encrypted now in header.
cookies samesite attribute is being set to strict to all the cookies.
Active Directory new bundle (Using unboundid.ldap.sdk library) - Phase 1
- Server Connector bundle name: simpleADServer Connector bundle version: 1.0Server Connector name: com.cymmetri.connector.simple.ad.SimpleADConnector
- Added one field inside user configuration of active directory "Disable User With Date Time".

Fixes

Policy Attribute- Add pagination
Teams Configuration- Showing route issue when saving new teams configuration
Passwordless- Passwordless page is showing blank when clicked on clicked on Passwordless button on Login page
Notification template- Increase spacing between Kathreftis Team and Disclaimer and remove space above
Login failed> User locked Template- Change notification template
My access> Applications- If an application is already present in a certain tag, when attempting to move it to another tag within the "All Applications" section, it should not be visible in the tag it is already associated with.
Login-Tab button should be applicable for enter password field when passwordless in enabled
AD Application- When assigning remote group to AD user, showing error
Passwordless- Passwordless page is showing blank when clicked on clicked on Passwordless button on Login page
Self-service app: On-behalf tab is loading late
Master> Zone- When editing zone then status is always changing to inactive
Authentication Rule- When user is trying to reset password having LDAP authentication active, then password is changing into target system first and reflecting older password in target system
PAM- Dormancy disabled config- By default config should be disabled
Audit-"action":"DORMANCY_DISABLE_COMPLETED" ,Data showing null,need to show data
PAM dormancy disabled showing failed
Deprovision- All three fields should be in one line
Policy Attribute- Add search filter in policy attribute
Delegation- Add cancel button after editing consent
My Access> Applications- When moving application from one tag to another, then validation message should be proper for end user to understand
Campaigns> Access Review > Campaign Manager- Sorting is not working
My Workspace> Inbox- Need to refresh page every time to see changes in started request
Global Auth Policy- Update message to "Auto Unlock MFA period should be less than Account Auto Unlock period."
Insights> Reports -Showing error message when disabling scheduler toggle
Application MFA update -on click Next button -getting in loop
PAM vault user-Confirm button should not be enable till any value entered
Validation message change-Change 1 days to 1 Day
Teams Config- Configuration should not be saved without adding condition
Teams - User is not able to lock/unlock account even after configuration in teams is enabled
Need to show proper error message when Maximum MFA attempts reached
Reset Password OTP -there is only OTP option is available then also showing error message for question
MFA- User not able to login via Consent based MFA showing error
Login- Showing error when trying to log in using secret question as MFA
Teams Configuration- Showing route issue when saving new teams configuration
MFA count gets reset, when admin mark lock to unlock
MFA- User is able to unlock account event after unlock user account time is not completed
Login with password less-password expiry should be consider and need to follow steps to reset
When admin lock user the take conformation, unlock yourself or lock lifetime
End date over user login-on forgot password this user should be validated and restrict,currently redirecting on MFA
Inactive user login-on forgot password this user should be validated and restrict,currently redirecting on MFA
Need to update audit when user attempt max MFA
MFA- User not able to login when user is trying to login using normal password flow
My workspace> Active Campaign- Latest selection should remain as it is.
Pagination persistence for users (when a user clicks on lets say 3rd page and go into the user details and when come back the pagination gets reset )
Application provisioning workflow- Assign application to user and then cancel it, still showing user assigned
My Access>Application> Tag- Search filter should be applied for tag applications as well
Add New Application Search , when no data is there the UI breaks and a No Data Found card should also be shown on screen
Login Page- User is not redirecting to mentioned login help page( Mentioned in Branding)
Cymmetri Mobile App- Changes required in secret question layout on login page
User Creation Workflow- When clicked on the cancel button on the workflow preference popup box, it should remain on the user creation page. For now it is cancelling the whole process
Branding- Show validation message if user miss to fill any fields and clicked on save button
Lifecycle mgmt>Workflow Configuration- Save button should be enabled when removing approver.
Suspend user-For device deleted message should be shown as Device Deleted
User Onboarding- When provision rule is trigged while onboarding user and any application is assigned to user then assigned tag should be shown in that application as showing in Groups
Configuration> Master- Accepting emoji values in Global Master
MFA- Secret question- Answer field should get blank after question is selected.
Delegation- After delegation time is completed, delegation configuration should be updated
Authentication Rule- When user is trying to reset password having LDAP authentication active, then password is changing into target system first and reflecting older password in target system
Global Auth- User should be able to set Account unlock and MFA unlock to minimum 1min
User-Account lock-Account is self lock then also on UI showing message user cannot unlock
User Setting- Showing user not found error message
Lifecycle Management || Applications redirects user to Identity Hub
Campaign- UI of Calendar field is not proper
Policy attribute- When removing policy attribute, that field is not getting removed also it is visible in policy map application field dropdown
Audit Log- When duplicating a tab and subsequently refreshing it, then audit log is displaying a random requestor ID
Global Auth Policy- "Allow Users to have" is displayed twice

Known Bugs

Manager notification: receiving user name required manager name
AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)
Workflow initiated for form but form is getting updated without workflow approval.
In application setting if show to user flag off then also application show in recent application.

3.0.10-Beta

Version: cloud_3.0.10-beta product release

Date: 21 March 2024

New Features

Addition of Grade as an attribute for users
- Workflows updated to support grade based approvers
  - Added grade to Pending Workflow Page
  - Added grade to Workflow List Page
- Added grade for User profile
  - Added grade in create user, update user and user info page
  - Added grade in user info page for Suspended Users and Archived Users
  - Displaying grade in User Details [Assignee Details]
- Added grade in Attribute Setting
- Added grade for the policy map [cymmetri policy mapping drop down]
- Added grade for the bulk import
- Added grade in Teams Config Page
  - Added grade in create user, update user and user info page
  - Added grade in user info page for Suspended Users and Archived Users
- Added grade in OnBehalf config for self user
- Displaying the grade for self user profile
- Added the grade for the pull/push reconciliation process
- Added the grade to get the value of the middle name in a user profile
- Added grade to create the user through apiext
- Added grade in JIT to create the user -Not working
- Added grade value on the page that displays the delegatee
Analytics Metabase in the report
- Configuration of Metabase
- Metabase Report
__MANAGER__ support in policy map for manager assignment in Active Directory (Target application)
Addition of Middle Name as an attribute for users
- Added middle name in create user, update user and user info page
- Added middle name in user info page for Suspended Users and Archived Users
- Added middle name for User Profile
- Added middle name to Pending Workflow Page
- Added middle name to Workflow List Page
- Displaying middle name in User Details [Assignee Details]
- Added middle name in Attribute Setting
- Added middle name for the policy map [cymmetri policy mapping drop down]
- Added middle name for the bulk import
- Added middle name in create user, update user and user info page
- Added middle name in user info page for Suspended Users and Archived Users
- Added middle name in OnBehalf config for self user
- Displaying the middle name for self user profile
- Added the middle name for the pull/push reconciliation process
- Added the middle name to get the value of the middle name in a user profile
- Added middle name to create the user through apiext
- Added middle name in JIT to create the user -Not working
- Added middle name value on the page that displays the delegatee
Role Required in Application Assigment
1. In application setting, Role Required flag added.
2. Application Assignment flag is enabled in the below mentioned pages:
  1. Application assignment page
  2. User page, in application assignment
  3. Self-Service
    When user request for application
    Teams page, in application assignment
    Onbehalf page, in application assignment

Fixes

Application Update Workflow- In inbox user name and Login Id fields are showing empty
Rename application name as shown below should be Google Workspace and not Google Workplace.
Fix typo in application provisioning labels
Preference Workflow config popup box - Add Auto option in dropdown list when workflow approver is set to user list
My access application- Calendar UI is not proper for 90% resolution
Password policy-Show last sync time if already sync
MFA attempt configuration-take confirmation on save
JIT-Detail showing route error
JIT-Custom field-Only type=USER should be present in dropdown, currently showing group also
correct notification template-login failed
Unlock User- API is getting called twice and login should be shown in encrypted form

Known Bugs

Manager notification: receiving user name required manager name
AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)
Workflow initiated for form but form is getting updated without workflow approval.
In application setting if show to user flag off then also application show in recent application.
Creating the user through the JIT: Message was rejected due to issue instant expiration

3.0.11-Beta

Version: cloud_3.0.11-beta product release

Date: 05 April 2024

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

New Features

New Feature - Amaya (Schema Maker): A new feature called "Amaya" is released for generating policy map, policy attribute, and also for generating schema for various functions - Create User, Update User, Sync User, Search User etc. Using a UI-based designer, an administrator may configure JSON REST-API based applications without needing to write scripts for the above mentioned functions.
Role Required in Assign Application(Backend Validation):
- Bulk Application Assignment
- Admin Application Assignment
- Admin User Page
- Selfservice, User Application Request
- Selfservice -> Teams, Application Assignment
- Selfservice -> Onbehalf, Application Assignment
Active Directory new bundle (Using unboundid.ldap.sdk library) <Group operation supports>
- Added a field inside Active Directory User Configuration Page: "Add or Remove group using Simple AD".
Added a default filter for the start date as the current day in all report detail views.
The view button in the application role is only visible when edit access is not provided to the user, but read access is granted, such as for read-only users.
PAM - Device Termination when device unassigned

Fixes

Inbox- Request count should be shown in claim> open request as visible in Requests>Open request
Application deprovision Workflow- When removing role from user application, workflow is getting triggered but before saving popup box is getting disappeared
Password Policy- Accepting -1 in password history versions and also displaying in policy rule when changing password
Password Policy- Password history versions should have default 0 value and also add note specifying description of 0 value.
Import user with grade,need to handle user import with inactive grade
Attribute setting- Not able to disable grade attribute
Audit log- Showing application id instead of application name when moving application to tag from self service app
AD Authentication- Audit log should be shown when changing password for AD authenticated user
My workspace >Teams>Users- The message "User account locked" appears whenever changing pages.
Forms- Field name is not displaying double spaces when inserted in JSON field
Workflow Config- Add Remove button for stage 1 user
Tenant registration flow- show password not working
Workflow- Pending/ Inbox- Menu action should not be visible for every application or when field is empty.
Identity Hub>User Filters- When applying a filter for inactive users or any other filter and then activating the same user, the filter selection is removed, but the count is still displayed.
Upload CSV- Not able to drag and drop csv files in import users, manager assignments, groups
Global module search-when product is disabled and the user trying to search then showing an error
Application update Workflow- Workflow is not getting trigged when application role is assigned to user
Partner portal-delete customer not working
Applications-For old google applications name getting replaced with Google Workspace
Password Policy>Blacklisted Password- When setting blacklisted password for user showing error
Password less login showing error
Email Notification- User is not receiving email notification
Version Specific > Delegation recent apps- When delegatee is accessing account then excluded application are still showing in recent used apps
Admin MFA -on click save showing error
TEAMS-Menu action click showing unknown error
Admin Dashboard, Risk Dashboard and Insight reports are not loading
Taking time to load data in complete application
User-Activity -taking time to load data
AD- Recon- Push- Users are going into pending state for new AD bundle
Managed View- IDM value is not getting displayed
Notification template-need to add middlename attribute under system variable
Users | Sort by filter should be beside Sort Order
Role mandatory-In import assign application there is no validation, without role also able to assign
Identity Hub>User>Setting- Admin should not be able to lock himself from setting
Suspend user-for AD update , remove application
AD application - In Suspend user, application status is showing fail updation state
Group-Recon pull-update and full sync assign/update-taking too much time
AD Group pull || Only under 1000 member getting pulled (Connid Restriction)
Remote group-bulk assignment showing error, "failureReason" : "javax.naming.ServiceUnavailableException: [LDAP: error code 51 - 0000200E: SvcErr: DSID-031A1202, problem 5001 (BUSY), data 0 ]; remaining name 'CN=allgroup,OU=allgroup,dc=cymmetri,dc=in'"
When Add group pull/push then server getting stuck due to memory increase.
Remote Group assign in bulk-Not moving all user in group under AD
AD Application new bundle- If user is inactive in AD, and same user is updated in Cymmetri then user in AD should also get updated
AD Recon push-User not getting push in target (New bundle)
Adaptive MFA-Blacklisted ip configuration- Not able to enter range
Phone number - Phone number and country code validation issue
Partner portal- Company name letters should be extended to 100 characters and space at the end should be trimmed
Partner Portal- On admin approval dashboard page, column name width should be identical, and if name is extending then extended name should be shown in hover.

Known Bugs

Manager notification: receiving user name required manager name
Workflow initiated for form but form is getting updated without workflow approval.
In application setting if show to user flag off then also application show in recent application.

3.0.12-Beta

Version: cloud_3.0.12-beta product release

Date: 18 April 2024

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

New Features

Upload filename length validation: When file is upload in form of profile image, excel file import then validation is added for the file name length.Implement pages are as follows (20 characters)
- Selfservice profile picture
- Application image
- Excel upload in User import, manager assignment, application assignment, group assignment,Role import
For the remote group, when a user or application is assigned to the group, they will not be assigned to Cymmetri until they have been successfully assigned to the target.
Workflow Config
- After creating work flow now user redirect to workflow config page.
- Now we can't active workflow if approver not configure in workflow config.

Fixes

Application> Roles- Add toggle button to Active /Inactive status.
Add application/device name with space,Space should be trim
Users> Activity- Filter and search should be added in user activity
Workflow-"Save" button should remain disabled unless some condition is mentioned
Application SSO-attribute mapping-for duplicate entry,message should be show on same screen,refer other module for the duplicate entry error message
Lifecycle Mgmt>Hook Config - Search filter is not working
Amaya Connector- Show complete name on tooltip
User Setting- Change validation message for all three tasks( Active, Inactive, Delete)
Workflow Configuration- If approver is not present then workflow config should not get active
Partner Portal - Add Asterisk (*) for marked fields
Partner Portal- The validation message indicates that spaces are acceptable, but the field is not currently allowing them
Partner portal- Company name letters should be extended to 100 characters and space at the end should be trimmed
Amaya-Param getting duplicate
Trigger email to user when MFA max attempted in login
Master > Audit logs- Audit for fields created or updated in Master is not showing except for Grade
PAM Device- Not able to search PAM devices from my workspace
Application add with space,Need to handle space in backend also as temporay fix deployed from UI side
Rename- Dynamic json connector to Amaya
Amaya connector- Rename Dynamic Json connector to Amaya
Dynamic Json Connector- Text is overflowing tag border
Delegation- User should not be able to save delegation when start date is in past.
Amaya-policy map-felicity-If for policy map attribute not generated then default value should be there
Add application-For policy map default should be off
Update pagination offset - label and placeholder
Amaya-Response getting hide
Rename Amaya provision sub tab to User Configuration
Amaya-Policy map,tooltip overlap issue
Partner portal-under cymmetri customer total user count showing-1, actual available-12
Recon- Modes should be non editable
Import users via CSV/recon- Users should not be imported/ should show error when particular usertype, department ,designation fields are inactive
Load Test Data: Identity Hub> Users- Pagination is not working when multiple users(Load) are present
Workflow- Workflow popup box is showing unknown but in pending workflow is going into requestor manager
User-Filter with custom attribute not working on below data
AD Application new bundle- If user is inactive in AD, and same user is updated in Cymmetri then user in AD should also get updated
AD Recon push-User not getting push in target (New bundle)
Recon- Timing is not correct
Application delete-Deleted application present under Provision rule ,even after application deleted
Processing please wait message should be changed, when no data is entered and clicked on preview assertion
Deprovision- User is getting suspended when deprovision rule is executed via scheduler when no end date is applied or status is inactive
Reports> Filter- Showing error message to enter start and and date when resetting filter or applying any other filter.
Remote Group assign in bulk-Not moving all user in group under AD
To verify user deleted from AD OU and cymmetri admin trying to assign remote group
AD application - In Suspend user, application status is showing fail updation state
Remote group-bulk assignment showing ServiceUnavailableException
Group-Recon pull-update and full sync assign/update-taking too much time
Ad Application- Application assignment is going in failed state , but deleting application is also getting failed
Assign user to remote group is failed
AD application recon- When workflow is configured and recon is executed, then user is going in pending workflow
AD New Bundle- Thumbanail Photo is reflecting incomplete(In hex form) in AD
Workflow- Workflow popup box is showing unknown but in pending workflow is going into requestor manager
Recon-Name not present then also showing error for the duplicate
AD application - In Suspend user, application status is showing fail updation state
Custom attribute Import via API EXT- Password should be encrypted form when imported
SSO-Openid not working on QA, same working on dev
Multi node-Application assign with role, all user getting assigned but still import showing inprogress
API ext (API Client) User not getting created
Deprovision rule-user data not getting updated when change Grace Period 3 to 0 days
Unable to add Gmail account on Android after logging into Cymmetri
Tenant specific> Reset OTP config- Not able to save configuration
Partner portal- Display validation message specifying some fields are missing
Grade workflow- Preference config popup box is showing user name but pending is showing Unknown
Group recon pull-when space is in name then not going in ignore case
Workflow- Sequence for approver is mismatched in preference config popup box and in pending workflow
Workflow- Workflow in preference popup box is showing user name but in pending showing unknown when applied for user list or grade
Workflow- When approver is set as reporting manager and application workflow is initiated then preference box is showing approver name but pending is showing unknown
Schedule report- cron not getting updated, from hourly to change once in day then also report receiving hourly
creating the user through the JIT Message was rejected due to issue instant expiration
PAM device is assigned then on access showing message for the disconnected
AD Adaptor token- Token is showing Invalid
PAM Device- showing processing plaese wait validation message with 403 forbidden error
Application- Showing processing please wait validation message.
Loadtest-workflow page not loading
Expired session: Showing blank page when clicked on user setting logout tab
Suspend Config- User should be able to disable suspend config
Deprovision- Deprovision via scheduler is not working
AD-Recon pull with update-If user data removed from AD and taking pull,then this data not updating in the cymmetri user data
group push-not taking user in AD at the time of update
Daily scheduler running late
AD Application- Showing error when trying to update profile picture
MFA- Rename SMS Authenticator to OTP Verification
Global Auth-When the "Single Session > Block Session" setting is enabled, attempting to log in with the same user account should block the user even before verifying Multi-Factor Authentication (MFA).

Known Bugs

Manager notification: receiving user name required manager name
Workflow initiated for form but form is getting updated without workflow approval.
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty

3.1.0 - Product Release

Version: cloud_3.1.0 product release

Date: 02 May 2024

New Features

Add Welcome Guide when no nodes added
Amaya Operations cards messages updated
Tooltip DX enhancements
Add confirmation dialogue when request method is missing
File Upload Validations based on filename length and file size
- File validation applied on User Bulk Imports, Group Assignments, Application Assignments, Role Imports, Upload metadata SSO.
- Branding Image upload applied image size validation and image name length valdation.
- Validation also applied on self service User avatar upload, application icon upload.
Cymmetri Verify App issuer format is changed now so there wont be duplicate record creation from now onwards, earlier we did not take into account of the environment but now we are considering that as well

Fixes

Deprovision Via scheduler when threshold value is set:- Past date user is also getting deprovisioned when rule is applied on status
Application-Role-One role mandatory, validation should be present at least one active
Node name without spaces overlap
Amaya- Not able to drag down node which is at the top most corner
Campaign - Campaign action reminder email time calculation wrong
Campaign- Campaign is getting aborted and summary is showing blank when campaign for local group is executed.
Custom attribute - When custom attribute filter is applied in users, showing no users found
Workflow- Preference config box is not visible while deprovisioning application
Self service app: While setting up secret question authentication in mobile app, user need to click twice on question field.
User activity Ascending Descending not working
Amaya Connector Recon- Showing duplicate role remarks, but in duplicate field showing 0 records
Identity Hub- Groups- After editing groups when on application / activity page user is redirected to users page by default
My workspace> Create new tags- showing older suggestion as soon as clicked on new tag field
AD Application - View attribute is empty
Tenant registration | Pressing tab key glitches UI
Missing error code mapping
Grade Workflow- When workflow preference config is set to visible, and workflow is applied for user creation, then popup box is showing user list but in pending showing unknown instead of user list
Amaya- When the back button is clicked, a save/discard popup box will appear. However, clicking anywhere on the page directly navigates the user away from the operation page.
Amaya- Save/Discard popup box should not be shown when user is trying to go back without saving any changes
Mobile app- Secret question- Field is showing required even when data is present in field
Cymmetri Verify app- Password recovery should be provided for Exported TOTP user files in case user forgets the password
login via Authenticator-identity provider is inactive then also user able to login.
syslog-configuration- UDP test, for invalid IP also giving success.
Unable to have TOTP account for same username on different environments

Known Bugs

Manager notification: receiving user name required manager name
Workflow initiated for form but form is getting updated without workflow approval.
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty

3.1.1-Beta

New Features

Framework Upgrade: Java-based services are updated for spring framework, spring boot, and updated utility libraries. Please note it may impact several functionalities: a. Access Review b. Risk Engine c. Data Logger d. Reports e. Webhook Sample
Provision rule module updated to support (type: user type and Converter Type: String ) custom attributes as condition parameters.
Support added for address1 and address2 field in user for the following: a) User Import via CSV File b) Reconciliation Application c) Amaya Application d) JIT e) Workflow - Inbox > user details, should address fields be visible Pending workflow > user details, should address fields be visible Archive > user details, should address fields be visible f) In the SSO profile mapping drop-down these fields should be visible.
Workflow: a. Menu Action: Update the topic of the workflow request for menu action. b. My Request: In My Workspace ➝ Inbox ➝ My Request, we show a list of requests that are requested for logged-in users. Now we provide support to show a list of requests which is requested by logged-in users. So now we are showing both requests which are requested and requests for logged-in users.
360 Degree Reconciliation: a. Migrated APIs from Python to Java, since it was a major roadblock for performance.
Webhook sample API details a. Added remark of appId in URL
UI improvement - Global search bar (ctrl + k) search result improvement
Screenshot Removed right side panel in my workspace dashboard which previously showed no. of pending workflow requests with the user
Cymmetri Verify App - A sync service will run to check the pending notification actions that did not take place because the app was in a closed-on-background state and will sync the data based on the notifications
Cymmetri Self-Service App - Earlier to register a tenant in cymmetri self-service we used to scan from our app to register a tenant but now you can use any camera or any scanner of that sort to register a tenant
UI Improvement - "Test Connection" should be prevented when an operation is not configured
SLO- Reverted as business case gap in the developed feature
Breached Password (Pwned Password 98crores+) Integration with Password policy.
Common adaptive data moved to master db: a. ipreputation b. short-lived domain c. breached password
MFA: Encrypt userName(login) in the request of API user behavior initiateKeystrokeCheck.
Suspend Resume: a. After the resume of the user's end date is clear and the user acts as a fresh user

Fixes

PAM Workflow- Meta condition workflow for devices is not getting triggered.
The dashboard count is mismatched.
Policy Map- Cymmetri field dropdown should contain Address1 and Address2 fields
Autofill API sorts in alphabetic order for JSON objects for create/update
Onboarding || User should be able to unselect an application
Add and Edit password policy-need to g\show exact labels for the fields
Identity hub>User create- When importing users space should get eliminated
ServiceNow CURL Import not working
"Test Connection" should be prevented when an operation is not configured
TEAMS-Users profile pic not showing
My workspace- Teams- Showing processing please wait validation message
creating the user through the JIT Message was rejected due to the issue of instant expiration
Campaign- The Google Workspace application name is not visible in the campaign
AD application New bundle- Showing error while importing group having special symbol(-) for recon
Application recon pull configuration-recon pull configuration vanished suddenly
login with domain admin-need to provide Adaptive menu access
AD recon user push- When recon is executed in exist on Cymmetri and does not exist in target = Unlink, the operation should have been executed in Ignore case
AD Application new bundle- Group recon pull operation is showing in ignore state but still, groups are imported in Cymmetri
AD New Bundle>Address Field- Not able to add AD application when address fields are mapped, showing error
AD new bundle- When an AD application is assigned to a remote group, the application is highlighted
Cymmetri Verify App - While deleting the account from Cymmetri authenticator, TOTP is not getting
Custom attribute- Even when a custom attribute is disabled from the configuration, it remains visible
Cymmetri Verify App- For old tenants before env was considered if that totp is used for auto-verified
Custom Attribute-Provision- When a custom attribute with special characters is created and applied
Grade workflow- When workflow over workflow is assigned and is approved by the approver, still workflow is still not updated
Cymmetri Self-service App - Once we click on the web link from the scanner, it should show confirmation
Self-service Mobile App - When an app is in a Quit state and the app is via a scanner(camera), it is not redirected to the login page of the website
JIT- Once the default value is set, the user is unable to edit it, and when attempting to edit, the default toggle is shown as disabled
API SSO- Profile mapping configuration is not working
Provision Rule - Custom Attribute - Value field is not accepting space
AD Application New bundle- The "Application assigned successfully" message should not be shown when the test provision has failed and the application is assigned to a remote group
Azure authorization curl is mis-imported
Provision Rule - The existing rule configuration with the custom attribute is not working.
Audit log-for-date filter add default date is Today
User import-file size upload issue
Cymmetri Verify App - While deleting the account from Cymmetri authenticator, TOTP is not getting removed automatically
Cymmetri Verify App - While authenticating automatically via cymmetri authenticator, the "user not found" message comes twice in the iOS device.
Cymmetri Verify App- For old tenants before env was considered if that totp is used for auto verification it shows the user has not found the need to add that compatibility as well, via Passwordless (TOTP)
AD authentication- Showing invalid token error
Tenant creation not working
MFA- Factors showing empty
Breach password- Asking webauth, this factor is only for passwordless
MFA- The user, is not able to login when the user is trying to login using the normal password flow
Teams config- When the team configuration is inactive or does not match the conditions, an error message is displayed after logging in from the user account, yet all data is still shown
Adaptive service responding slow in load testing
AD Application new bundle- When the Unassign/Deprovision reconciliation is executed for group pull/push, the group should not be deleted from Active Directory
Provision rule - The application is not getting configured for the second condition present in the OR condition
SAML- Showing saml type mismatch error when the user is trying to click on Gmail via SP-initiated process
when the user creates via JIT then the user creation workflow should be skipped
PAM-Vaulting Configuration-AD test showing route issue
Login page- The user is not able to login when MFA is enabled( Prod issue)
Reports- When the report is scheduled, Scheduler history shows content not found and the execution status is aborted
AD Application new Bundle- Audit log for pending records should be shown when executing recon user push for failed provision test
Grade workflow- When workflow over workflow is assigned and is approved by the approver, still workflow is still not updated
Time-based application- Scheduler is executed even when a user is moved to suspended
Workflow- User creation using JIT(external IDP Azure)- Workflow is not getting triggered
Password policy- password rule updated with contains instead of exact match
Self-service-My request takes time to load if more data present
Teams config- When the team configuration is inactive or does not match the conditions, an error message is displayed after logging in from the user account, yet all data is still shown
FIDO-On push approve showing message something went wrong
User lock- When a user account is active, and the same account is logged in through another browser, and by any means, the account gets locked, the first session should get terminated.
Workflow Application Deprovision- Workflow is applied for (Role1) but when removing role 2 still workflow is getting initiated.
JIT- Once the default value is set, the user is unable to edit it, and when attempting to edit, the default toggle is shown as disabled
Recon Group PUSH- When recon is executed for both existing Deprovision, then the group should be deleted from the Target application and not from Cymmetri
PAM-Add/Edit vault user showing error
MFA push location showing unknown
/mfasrvc/userbehaviour/initiateKeystrokeCheck in this API login going in plain text expected encrypted.
MFA- Factors showing empty
AD New Bundle- Available Records should be synced when recon is executed for the first time after executing recon in the ignore case
Audit- Change archive to Suspend when user is deleted and moved to suspend users
AD application new bundle - When SAMaccount name is set to false in the Group policy map, members are not assigned in the group when recon Pull is executed for both exist=Update
Recon Group PUSH- When recon is executed for both existing Deprovision, then the group should be deleted from the Target application and not from Cymmetri
Identity Hub-Group- Change Audit log message
AD Application- When the group is unassigned via recon, users, and applications are deleted but the group is not
File Uploads, Filename length validation should be inclusive of the file name and extensions
User import-file size upload issue
AD Recon group Push- When recon is executed for a group that exists in Cymmetri and does not exist in the target system Operation should be shown in Ignore case as no action is performed on Groups
Remote Group- When the user is added to the remote group, the count should be increased automatically or after changing tabs
Recon Push Users- Multiple entries for the same users are visible in Recon History.
MFA- When push authentication is enabled and MFA rules are saved, but then Push auth is disabled from MFA factors, users are still prompted for push authentication when attempting to log in
Deprovision: After resuming a user from the suspended user list and applying deprovisioning via a scheduler with no end date, the user is still being deprovisioned again
Workflow metacondition- The Metacondition name is getting reset after selecting
AD group attribute- When the member attribute is clicked, it redirects to the assignment page
While creating the custom attribute with the same name as the provision rule options, the application is not getting assigned
External IDP Rule- When the external IDP authentication rule condition matches the user details, the user is unable to log in to the external IDP. Additionally, when that user is locked, an 'Invalid Auth Config' error message is shown.
Provision Rule - Custom Attribute - If the list of custom attributes is more than 10 records while selecting and saving the 11 key, it is not getting saved
When the user deletes, add more information in the audit log under the event attribute
Amaya-On update token screen getting blank

Known Bugs

Manager notification: receiving user name required manager name
In the application setting if to user flag is off then the also application shows in the recent application.
Unable to identify application properties data type where value is empty

3.1.2 - Product Release

New Features

The workflow self-approval module was updated to support custom attributes (type: user type and Converter Type: String ) as condition parameters.
Teams config module updated to support custom attribute (type: user type and Converter Type: String ) as condition parameter.
On behalf module updated to support the custom attribute (type: user type and Converter Type: String ) as a condition parameter.
Auth Rule module updated to support custom attribute (type: user type and Converter Type: String ) as condition parameter.
Quick Setup - Setup applications using pre-defined operations
Import-Export App Configuration - Transfer configurations of applications smoothly between tenants, simplifying the setup for users by ensuring all configurations, including user configurations, server configurations, and policy maps, are accurately migrated.
Removal of Deprovision Rule Exclusion Applications Field: a) Manual Execute Deprovisioning b) Deprovisioning via Scheduler c) Update Threshold Delete Config d) Deprovision Rule Updation e) Backward Compatibility f) Suspend or Resume User g) Impact on UI
Access review reject process updated, on rejection workflow support added.
SAML Single Logout
The new screen will show loading on UI till tenant creation is completed once OTP is verified
Interchanged position of login ID and email on add/edit user for better UX.
Add support for the page number field for pagination in Amaya
360 Recon
Lotus Notes Connector
Application Policy Map (Active Directory) samAccountName is compulsory for Create only flag in User as well as Group (AD application new bundle - When SAMaccount name is set to false in Group policy map, members are not assigned in group when recon Pull is executed for both exist=Update).
Added Warning information and warning popups (Only UI changes no impact on backend functionality): a. Creation of user manually. b. Updating of user manually. c. Bulk upload CSV (creation of user) d. Manager assignment e. Policy map creation and updation f. Reconciliation Pull operation g. Reconciliation push operation h. Selfservice ➝ Teams: i. Creation of user ii. Updation of user
Removal of Email validation from the backend

Fixes

The user info page crashed while the user edit fails
Import/Export of App Configuration
Amaya- Detailed description of failed/executed logs should be shown
AD application new bundle- The group link attribute in the db is empty, and users are not getting updated in the group
AD policy map- Spaces should be trimmed automatically if included while creating a policy attribute
Tenant creation not working
New tenant Registration- Showing subscription end for tenant which is not even registered completely
Secret question configuration- Admin user should be able to delete secret questions when not in use
Secret Question- When a question is already in use and the user trying to delete a question then it should not display a successful delete message.
Secret question- Displaying removal validation message when editing a question
User> Activity- Add a cross (x) button to clear the selection
Onbehalf Config - If the Description is kept blank, no error message is getting displayed on the screen while saving.
Team Config - If the Description is kept blank, no error message is getting displayed on the screen while saving.
On Behalf config- When the view button is clicked, the user is still able to check or uncheck the boxes.
Custom attribute- Even when a custom attribute is disabled from the configuration, it remains visible in the policy map selected dropdown menu
Users - View User- Custom attribute fields text UI is breaking
Custom Attribute- Require text change in success message to " Custom Attribute activated successfully"
Edit User - After deactivating the already assigned custom attribute, in edit user, the system is showing info XYZz" attribute is inactive for the active custom attribute also.
Identity Hub- When clicking on edit info from the user menu action, the user account edit page should open instead of the user display page.
CTRL+K: When any feature/module is already opened and the user presses the ctrl +k button from the keyboard then the search filter modal is opened at the back
Delegation - Delegator and Delegatee consent should not get updated if the user has already set some other consent.
Users> Group- Rename the label from 'Delete' to 'Unassign'.
Audit- Logs for deprovisioned users are getting repeated.
Custom Field- Policy Map- Date is not showing in the correct format
Mobile app- When clicking on the user name for the first time after killing the app, the keyboard is hidden
Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.
Global search (Ctrl+K) - even if characters are not matching still shows suggestions
User setting- An error message should be shown when any action is performed and when landing/refreshing the settings page
Cymmetri Selfservice App - Need to change the message showing in the popup screen while TOTP is getting authenticated.
Mozilla Browser specific- User getting stuck when password-less Webauthn is On
Application - SSO - While clicking on Preview assertion, getting the error "processing please wait"
Product menu getting hidden on workflow page: a. Menu action- Displaying an error message when a user already has one role assigned and tries to assign a menu action.
The user info page crashed while the user edit fails
Import/Export- Showing error message when importing the file into a new tenant (AD specific)
Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.
Quick setup- Data is not getting reset after closing the policy mapping popup box, but getting reset when clicking on the "I'll do later button"
Add Page Number support for Amaya.
Application - SSO While saving the same config in two applications, while clicking on Edit SP config, a popup showing do you want to continue editing the SP configuration? but only the continue button is given
Application - SSO - While saving the configuration in a new application, the save button loader is loading continuously
360 recon-Hide runnow button from detail view
360 recon dashboard filter-add dropdown for break type
360 recon dashboard-label change account overdue to account overdue in the target (also add some info on i icon what is this)
360 recon-Already running recon need to handle, disable the play button, or show a message
360 dashboard-make label consistent
360 recon dashboard-action details showing blank
360 Degree recon-For execution showing error
360 Degree Recon- History some time loading some time not
Recon 360 recon- A validation message for missing data is not required as it already shows no data found on the page when recon is not executed at all
360 recon dashboard-action details showing blank
360 dashboard-Search not working on break type
360dashboard-loginid filter not working
360 recon detail data showing mismatch
360 recon execute audit log not present
360 recon dashboard-on 2nd run details getting repeated
Amaya Azure- Showing route issue error message
Import Application- UI for the name is not proper
Import/Export- Recon is not working for AD's new application bundle
Teams config - while removing the condition in Group condition, shows the error " Please try again"
On Behalf config - while removing the condition in Group condition, shows the error " Please try again"
Teams Config - If the condition is kept blank and save is clicked, getting the error " Please try again"
On behalf config- If the condition is kept blank and save is clicked, getting the error " Please try again"
Import/Export Application- Convertor field types in the policy map are not getting imported
Import/Export - When any application configuration is imported into a new tenant, the user should be redirected to the application provisioning page after the upload
Import application- Showing an error message when importing an Amaya-based application if the exported application was without the policy map checked
Amaya- Policy Map Password attribute datatype identified as password instead of string
Amaya- Rename all operations(Test, Search, Sync, etc....) in sentence case
Workflow- Even after updating Grade as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- After updating the user list as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- When the level 3 approver is updated in the workflow, a 'Workflow Not in Range' error message is displayed.
Workflow- Even after updating the reporting manager as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- When workflow over workflow is applied 2nd level approver is not getting updated
360 recon should consider full sync
360 recon fails then that 360 recon should be abort
Amaya Felicity Role assignment- Taking time to provide an error message
Deprovision- Exclusion Application- Application going in pending deletion state when that particular application is added in exclusion application while manually deleting a user from the Identity hub
360 Recon sync with bulk data showing heap size issue
AD new application- User list is not getting displayed showing urersrvc unknown error.
My workspace> Inbox- When workflow assignment is reassigned by admin, then the previous approver should not be able to accept or reject the request if the page is already open in the previous approver account.
Inbox - Workflow Request for setup for application - Need to enhance the details as per user interface.
Error in the server log-authsrvc , No impact on the functional flow
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Campaign - Reviewer can approve self review request
The campaign not getting end, for tenant 2711
Workflow TAT- Workflow is getting aborted when grade is set at second level approver and set TAT time is over
Workflow TAT- Workflow is getting aborted when 2 level approver is set and set TAT time is over
Workflow TAT- Workflow is getting aborted when workflow approver is assigned to the user list
Workflow TAT- Showing error when the user is not present and TAT is over
Workflow TAT- Showing unauthorized error when TAT is over and operation is getting aborted
Recon pull- with both existing links, audit detail not showing
Workflow rule configuration-on edit workflow, previously selected role getting save
AD new bundle- Managed View- View should be proper while separating multiple OU in proxy addresses
AD new bundle- Manager and account expiry is not visible in the Managed view
AD new bundle- managed view- Value is not displayed in a proper format in Name in managed view
AD new bundle- Managed View- Showing different Start time/created time
In the User creation workflow, L1 - User List approved, L2 - reporting manager after TAT is expired, the request is not getting auto reject.
Pending Workflow List - If the approver is User list and Grade then it should display in Current Assign in the pending list
User Workflow - If the reporting manager is set as 2 level approver, the reporting manager is showing as Unknown
Policy Map- When the attribute is searched via the search button and that attribute is deleted then other attributes are not loaded
Profile Picture- After clicking once on the upload button, that button should be disabled
PAM-Server access not getting terminated even after time ends (Related to HA environment only)
User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type
Pending Workflow -If the L1 approver is User List, then while clicking on the info icon, the popup does not show the user list. Also, it is " Grade List Details"
PAM-Server access not getting terminated even after time ends (Related to HA environment only)
Workflow Rule - Workflow is initiated when the group is set as an approver, the group is not visible on the popup screen
AD new bundle>Group- When the "Sam account name" update checkbox is unchecked and the user attempts to update the description, the description does not get updated in the AD
deployment_analytics_1 Service CPU utilization is 100%
Import/ Export- When a file is exported from a different env (Dev) and imported to QA env, then credentials are also imported along
Security Bug Fixes:- E2E request/response payload encryption for all APIs of authservice (as of now, planning to rollout for all the services in the next phase)

Known Bugs

Manager notification: receiving user name required manager name
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to an invalid password
In forgot password/password breach condition-asking disabled MFA factor also
Amaya-Autofill policy map, When the value is not present to the user at the time of application then Amaya passes "$." to the target
Campaign - Reviewer can approve self review request
After the campaign workflow was triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Remote Group- AD Application- When users are removed from a remote group in Cymmetri, those members should also be removed from the group in the Active Directory
Amaya- Client ID should be visible in encrypted form
Provision Rule - While creating and configuring the custom attribute as "New ", the system is not initiating the rule.
AD new bundle- When an AD application is assigned to a remote group, the application is highlighted in the background while assigning but disappears as soon as the application popup box is closed
Reports- When the report is scheduled, Scheduler history shows content not found and the execution status is aborted.
AD Application- When the Ad test provision fails, and the user tries to delete the application from a user account, then the application should gointon a fail deletion state
Audit- Taking time to load audit logs
AD Application- Showing error when inserting start date in AD
In the application setting to user flags off then the also application shows in the recent application.
User lock- When a user account is active, and the same account is logged in through another browser, and by any means, the account gets locked, the first session should get terminated.
Branding- When show Unlock link from branding is kept as No, and the admin user account gets locked, then the user is not able to unlock the account from the login page
Application- When a user is adding /removing a role then it is not getting reflected without refreshing
group push-not taking user in AD at the time of update
Passwordless- WebAuthn; Showing not allowed error
Delegation-On behalf: when login by the delegate and the on-behalf condition is not satisfied still shows the on-behalf toggle button and gets removed when refreshed
AD Application- Group name should not accept space while creating or updating group name
Audit- Audi log should show log when the user is not getting any records in Recon history but showing task executed

3.1.3-Beta

(26 July 2024)

New Features

User Threshold: a. A UI change has been made in the general configuration for the threshold. b. Creation of user c. Updation of user d. Deletion of user e. Staging for user threshold f. Retry staging user from staging dashboard. g. Archive for user threshold h. Notification for user threshold
User directory search API updated for quick search (keyword): a. Support dropped for grade, userType, department, designation, and custom-attributes b. Supported on: employeeId, email, mobile, firstName, lastName, middleName, displayName, login
Data logger service version info added.
Tenant registration database creation process optimization.
Pending Workflow Inner page applied functionality to reassign users from the inner page
Added QR code zoom feature on FIDO, TOTP and push Authenticator scanner.
VPT: Modify routes of API - /usersrvc/api/user/directory/list/{appId} remove user role form routes.
Custom Attribute support in the following Workflow Rule Events a. User Creation b. Application Provisioning c. Application Deprovisioning d. Application Update
Added the following templates in Amaya Quick Setup: • Atlassian • Zoho CRM • Zoho Desk • Zoho Books • Zoho Expenses
Provided support for integer values for ROLE assignment through Amaya.
Tenant Registration Process Resumption: If the tenant registration process is interrupted, it can be seamlessly resumed and completed using the existing account configuration. The registration process can be resumed from the following stages: a. Pending OTP Verification b. Incomplete Credential Setup
Active Directory || SimpleAD Connector upgrade: a. UserAccountControl attribute support added b. memberOf attribute support in manage system viewer c. ProxyAttribute attribute support added
External IDP SSO: a. added support to login into cymmetri as an external identity provider as IDP initiated sso.
SAML IDP SSO: a. added support to send IDP initiated (cymmetri) sso response to cymmetri as a service provider.
TOTP Config
Removal of Email validation from the backend
DataLogger | Refer to configuration steps here: a. data-logging framework optimization. b. Full sync support, this step is optional and required only if, • Tenant audit database is not present, or • Tenant audit database is corrupt so fresh setup is required.

Fixes

Error in the server log-authsrvc, No impact on the functional flow
Team config - Create - Discard button issue - After clicking not able to add the details in the condition section
Rule engine- Remove the "above" word from the note
login with admin-Campaign detail show role also, currently role showing only for a campaign manager
Amaya API returns null if error instead of error and errorCode
Hide metabase analytics
Workflow rule configuration-on edit workflow, previously selected role getting save
User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type
Pending Workflow -If the L1 approver is User List, then while clicking on the info icon, the popup does not show the user list. Also, it is " Grade List Details"
Identity Hub- The pending initial login symbol is visible far away from the user name.
On behalf configuration - While disabling and enabling the toggle, a popup message shows "This change will take effect on the user's next login" but it is getting reflected on the fly.
On-behalf>Delegation- On behalf, mthe enu is not visible when logged in via the Delegatee account.
SSO- Group mapping- Save button should be enabled when mandatory fields are filled
Workflow- Even after updating the reporting manager as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Global search (Ctrl+K) - even if characters are not matching still shows suggestions
The product menu getting hidden on the workflow page
LDAP connector-LDAP SSL should be saved in Boolean in the DB
User setting- An error message should be shown when any action is performed and when landing/refreshing the settings page
User setting- External IDP rule is active-An admin user should not be able to lock a user when the external IDP rule matches the user condition
Schedule history-ad by default today filter for from and to
Teams config- When the view button is clicked, the user is still able to check or uncheck the boxes
Menu action- Displaying an error message when a user already has one role assigned and tries to assign a menu action.
Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.
Lifecycle Management - All menus - The discard button is not working as expected.
Application - SSO While saving the same config in two applications, while clicking on Edit SP config, a popup showing do you want to continue editing the SP configuration? But only the continue button is given.
Application - SSO - While saving the configuration in a new application, the save button loader is loading continuously
Amaya- Rename all operations(Test, Search, Sync, etc....) in sentence case
Group Policy map- For group custom attribute Cymmetri field type should be automatically selected as working in the user custom field
Teams config - while removing the condition in Group condition, shows the error " Please try again"
On Behalf config - while removing the condition in Group condition, shows the error " Please try again"
Teams Config - If the condition is kept blank and save is clicked, getting the error " Please try again"
On behalf config- If the condition is kept blank and save is clicked, getting the error " Please try again"
Import/Export- Showing error message when importing the file into a new tenant (AD specific)
Import application-show error message user or groupwise
Import application- Showing an error message when importing an Amaya-based application if the exported application was without the policy map checked
Import/Export - When any application configuration is imported into a new tenant, the user should be redirected to the application provisioning page after the upload
Amaya Azure- Showing route issue error message
Import/Export Application- Convertor field types in the policy map are not getting imported
Import/Export- Recon is not working for AD's new application bundle
Workflow- When workflow over workflow is applied 2nd level approver is not getting updated
Workflow- Even after updating Grade as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- After updating the user list as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- When the level 3 approver is updated in the workflow, a 'Workflow Not in Range' error message is displayed.
Workflow TAT- Workflow is getting aborted when workflow approver is assigned to the user list
Team config - Create - Discard button issue - After clicking not able to add the details in the condition section
Import/Export- By default, the time in the application name should be removed when exported
Rule engine- Remove the "above" word from the note
login with admin-Campaign detail show role also, currently role showing only for a campaign manager
Hide metabase analytics
Error in the server log-authsrvc, No impact on the functional flow
AD new application- User list is not getting displayed showing urersrvc unknown error.
The campaign not ending, for tenant 2711
Workflow rule configuration-on edit workflow, previously selected role getting save
AD application new bundle - When SAMaccount name is set to false in the Group policy map, members are not assigned to the group when recon Pull is executed for both exist=Update
My workspace> Inbox- When workflow assignment is reassigned by admin, then the previous approver should not be able to accept or reject the request if the page is already open in the previous approver account.
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Workflow TAT- Workflow is getting aborted when grade is set at second level approver and set TAT time is over
Workflow TAT- Workflow is getting aborted when 2 level approver is set and set TAT time is over
Workflow TAT- Showing error when the user is not present and TAT is over
Workflow TAT- Showing unauthorized error when TAT is over and operation is getting aborted
User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type
Reports- SSO-based application- Reports are blank/ not showing data when SSO-based applications are accessed
Pending Workflow -If the L1 approver is User List, then while clicking on the info icon, the popup does not show the user list. Also, it is " Grade List Details"
AD new bundle>Group- When the "Sam account name" update checkbox is unchecked and the user attempts to update the description, the description does not get updated in the AD
Import/ Export- When a file is exported from a different env (Dev) and imported to QA env, then credentials are also imported along
Identity Hub- The pending initial login symbol is visible far away from the user name
On behalf configuration - While disabling and enabling the toggle, a popup message shows "This change will take effect on the user's next login" but it is getting reflected on the fly.
In the User creation workflow, L1 - User List approved, L2 - reporting manager after TAT is expired, the request is not getting auto reject.
On-behalf>Delegation- On behalf menu is not visible when logged in via Delegatee account
Import Manager-Manager is deleted and the user trying to assign them in the import history shows success but the audit shows a failed
Application delete-Campaign-Deleted application available for review
AD new bundle- User policy map- When Sam account name is mapped with any attribute and update checkbox is kept false, and the user is updated, the audit log shows a failed
Workflow>Inbox- Address field names in inbox /pending workflow and identity hub users are not the same
SSO- Group mapping- Save button should be enabled when mandatory fields are filled
Campaign-email report showing error
deployment_analytics_1 Service CPU utilization is 100%
Application - Form - When submitted as blank, after assigning the application page is getting blank.
Reports- Records are displayed after 11min approximately
CSV Import users- An error message is not shown when the user is unable to save user details if space is included in the email
After the campaign workflow was triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
User Workflow - If the reporting manager is set as 2 level approver, the reporting manager is showing as Unknown
Workflow>Inbox- Address field names in inbox /pending workflow and identity hub users are not the same.
Export- Rename Config type to Select All
MFA- When the default MFA rule is inactive, the user can delete the default rule as well
Amaya connector>Policy mapping- The bottom slider should be fixed
Amaya || Validation preventing usage of long valid header
Amaya Connector- By default only green colored (confirmed policy attributes) should be checked
Amaya Quick Setup- When an auto test run fails and operations are manually updated, clicking 'Generate Policy Mapping' should exit the page.
Application delete-Campaign-Deleted application available for review
Import Manager-Manager is deleted and the user trying to assign them in the import history shows success but the audit shows a failed
Import/Export- By default, the time in the application name should be removed when exported
SSO - OpenID - Configure CIDR - Add - While clicking on the Add icon without entering any details, blank data is getting added.
SSO - OpenID - Configure CIDR - While clicking on the delete icon, no message is displayed and the entry is removed
Workflow List - View - Showing label as "Custom Workflow "
Import/ Export- Application name while importing file should be limited to 50 characters
Application - SSO - SLO toggle enable/disable audit log
SOD; policies-Policy owner name is not getting updated after updating the user name from the Identity hub and without the owner name policy is getting saved
AD new bundle- When recon is executed for both existing updates but the application is not linked, still user is still getting updated.
Application - Form - When submitted as blank, after assigning the application page is getting blank.
Masters - Grade- While clicking on the Add button it shows showing edit page of an existing record
Tenant registration- Showing suspicious popup box when clicked on verify your email
New tenant registration- If the tenant is already on the registration page then after clicking verify email from the mail box should show tenant is already registered
Tenant registration- Taking time to register the tenant
Email verification - The email verification link redirects to the otp verification screen.
My Workflow> Teams- Add a short menu button
Tenant creation not working
After release v 3.1.2, for old updated tenant campaign module is disabled
Portal-For module update showing error, already exist
Push and FIDO scan zoom functionality not available at the time of Device MFA
Push and FIDO scan zoom functionality not available at the time of application MFA
User setting- The external IDP rule is active-An admin user should not be able to reset the user password when the external IDP rule matches the user condition

Known Bugs

Manager notification: receiving user name required manager name
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to an invalid password
In forgot password/password breach condition-asking disabled MFA factor also
Amaya-Autofill policy map, When the value is not present to the user at the time of application then Amaya passes "$." to the target
Campaign - Reviewer can approve self review request
After the campaign workflow was triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Remote Group- AD Application- When users are removed from a remote group in Cymmetri, those members should also be removed from the group in the Active Directory
Amaya- Client ID should be visible in encrypted form
Provision Rule - While creating and configuring the custom attribute as "New ", the system is not initiating the rule.
AD new bundle- When an AD application is assigned to a remote group, the application is highlighted in the background while assigning but disappears as soon as the application popup box is closed
Reports- When the report is scheduled, Scheduler history shows content not found and the execution status is aborted.
AD Application- When the Ad test provision fails, and the user tries to delete the application from a user account, then the application should go in a fail deletion state
Audit- Taking time to load audit logs
AD Application- Showing error when inserting start date in AD
In the application setting if shown to the user flags off then the also application shows in recent applications.
User lock- When a user account is active, and the same account is logged in through another browser, and by any means, the account gets locked, the first session should get terminated.
Branding- When show Unlock link from branding is kept as No, and the admin user account gets locked, then the user is not able to unlock the account from the login page
Application- When a user is adding /removing a role then it is not getting reflected without refreshing
group push-not taking user in AD at the time of update
Passwordless- WebAuthn; Showing not allowed error
Delegation-On behalf: when login by the delegate and the on-behalf condition is not satisfied still shows othe n-behalf toggle button and gets removed when refreshed
AD Application- Group name should not accept space while creating or updating group name
Audit- Audi log should show log when the user is not getting any records in Recon history but showing task executed

3.1.4-Beta

New Feature

UI/UX || Warning added || Application Config Import Modal || Auto 'Create Only' for User Principal policy mappings
A new feature has been developed for the "Recommendation Engine", enabling seamless integration and management of application and role recommendations. The recommendation engine supports the generation of personalized applications and role suggestions for each user. The system supports the automatic synchronization of data from various sources, ensuring that recommendations are always based on user behavior. All recommendation engine configurations and data synchronization are stored and can be easily retrieved and updated as needed.
UI/UX || Amaya || Add support for JSON body validation through validate button
Audit log comparison for oldObject and newObject when they are in detailed format
UI/UX Inconsistent button placement in some modules fixed to a default below position
UI/UX Onboarding walkthrough of New users
ICICI: a. The inbox title in the workflow setup event has been updated to display the workflow name. b. Workflow (Pending workflow list) requester and requestedFor column added for display
Identity Analytics (Reporting Engine)
End-to-end Request/Response Payload Encryption for all authservice's API. (/authsrvc/*)
User Threshold (Phase 2): i. Update Email Title and Template ii. Create a new 'Move to Archive' button to manually archive a user. iii. Make the notifications field mandatory in the User Threshold Configuration. iv. Added the Org Admin as the default notifier in the user threshold configuration. (Not supported for old tenant). v. Update UI Error Message Format vi. The User Threshold staging mode name has been changed. vii. Failure to Move Staging User to Archive Manually and Audit Log Display for fail. viii. The changes made to the staging dashboard view. Include a comparison between the previous and updated versions of the UI. ix. Show the display name in the Threshold Delete operation on the Staging Dashboard. x. Notification Field in User Threshold Config for deleting users.

Fixes

Amaya- When server connector timeout is changed and test configuration is clicked, it shows a "connector not found in cloud" error in the Audit log
Import User - If loginid already exists, then the remark shows "Usrsrvc.existing Login". Change this text to "Existing Login ID"
Import/Export- Showing host server details when the file is imported for script connector
My Access - Tags - Roles is not getting displayed in the Application
Application - Clicking on the role tile, SSO is happening and also while clicking on close icon, SSO is happening
Applications- When any attribute is updated (made empty in the target application) and recon for both exist operation is executed, the corresponding attribute in Cymmetri should also be cleared
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed (To correct the data need to perform data-logger sync for respective tenant. Refer configuration steps here)
Deprovision- User is getting deprovisioned even after user status is changed to Active from Inactive
User threshold mail notification- Title changes required
Audit log-Recon - When recon is executed with status as Inactive, audit log is showing "Recon initiated successfully" but not any log for execution failed/aborted
Audit Filter- Add cross button in Target Type and Action field.
Threshold Config- Validation message for all three operations should be similar
Threshold Create/Update- Spelling for exceeded is not correct
Notification Template - Toggle and status should display in status column as per other modules.
Create User- While creating user on newly created tenant, assign group page showing text "No group assigned , assign group"
User setting- External idp rule is active-An admin user should not be able to reset user password when the external IDP rule matches the user condition
Create user - While creating user on newly created tenant, assign application page showing text "No data found, add application"
Audit Filter- Add cross button in Target Type and Action field.
Portal-For module update showing error, already exist
My Access - Tags - Roles is not getting displayed in Application
Threshold Config- Validation message for all three operations should be similar
Threshold Create/Update- Spelling for exceeded is not correct
Notification Template - Toggle and status should display in status column as per other modules.
Create User- While creating user on newly created tenant, assign group page showing text "No group assigned , assign group"
Create user - While creating user on newly created tenant, assign application page showing text "No data found, add application"
Group Unassignment: The message appearing on group unassignment is incorrect
Push and FIDO scan zoom functionality not available at the time of Device MFA
Push and FIDO scan zoom functionality not available at the time of application MFA
Campaign Reassign -inactive users are also listed for reassignment on click
Login page- AD auth- Provide proper UI message when AD adapter details are incorrect
Amaya- When server connector timeout is changed and test configuration is clicked, it is showing "connector not found in cloud" error in Audit log
Import User - If loginid already exist , then remark shows "Usrsrvc.existing Login" . Change this text to "Existing Login Id"
User threshold- Pending Staging- When changing page select all box should be unchecked.
Threshold Pending staging- Whenever the page changes or the number of records per page is modified, the selection should be reset
Import/Export- Showing host server details when file is imported for script connector
Threshold pending staging- When the retry button is clicked multiple times, the validation message does not appear after the third click on UI
Application assignment- Change user search suggestion watermark
Onboarding registration- When resolution is at 80%, PAM report admin option is not visible in dropdown
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed
After release v 3.1.2, for old updated tenant campaign module is disabled
Onboarding registration- When an application is selected and then reverted to the previous page, selecting the application again causes the application count to double
External JIT- JIT configuration should be disabled until new external idp configuration details are filled
External IDP- JIT- API is showing "undefined" error on clicking JIT button and on enabling JIT configuration
External IDP- JIT- Reverse the title, it is confusing for user
MFA - Secret Question - Question selection is getting non-selectable after entering incorrect answers and then retrying for correct answer
My workspace>Inbox- Count is not showing when records are in claim
Reports( Employee's with upcoming contract end date) - By default date filter should be applied of 30 days
Provision Rule - Cursor of the condition is getting overlapped with footer of the page.
Onboarding - Login credentials timeout error
My Access - Superset Application logo and label should be changed
Applications- When any attribute is updated (made empty in the target application) and recon for both exist operation is executed, the corresponding attribute in Cymmetri should also be cleared
Deprovision- User is getting deprovisioned even after user status is changed to Active from Inactive
Audit log-Recon - When recon is executed with status as Inactive, audit log is showing "Recon initiated successfully" but not any log for execution failed/aborted
User threshold mail notification- Title changes required
Application- Managed view- When manager is removed from Cymmetri, user is still getting displayed in managed view
Create Threshold Config> Csv import- Showing empty records in pending staging list when threshold limit is exceed and user are imported via csv file
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed
My workspace>Inbox- Count is not showing when records are in claim
login with admin-Campaign detail show role also, currently role showing only for campaign manager
Cymmetri Selfservice App - Once we click on the web link from scanner , it should show confirmation popup on screen (Suggestion)
Selfservice Mobile App - When app is in Quit state and open the app via scanner(camera), it is not redirecting to login page of the website
Push Authenticator - Need to change the error message
User creation- While creating new users then going to next level that is on groups page and then on application page ,then user should be redirected back to the group's page when back button is clicked instead of existing user creation page
Showing error when saving workflow with name( User creation, Application provisioning, Application deprovisioning)
deployment_analytics_1 Service CPU utilisation is 100%
Campaign-email report showing error
Some time tenant registration not working,showing WriteConflict error in the service
Application provisioning and deprovisioning workflow initiated request is not getting displayed in activity logs.
Workflow Rules - Application Deprovisioning event - If condition is set as RegEx for custom attribute is not working
User update-Showing audit failed-Write conflict
Report - Updated record should display on top.
Auth rule showing unknown error
Workflow List - View any workflow detail - While clicking on info icon it is showing Grade List Detail
AD-Recon-If Policy attribute marked inactive then also it is getting pull from AD.
Login via Application admin- When click on application showing processing please wait error message.
Applications- Application are not getting assigned to user and also audit log is not visible for the same
PAM write admin not able to assign users,user list not populating

Known Bugs

Manager notification: receiving user name required manager name
In the application setting if to user flags off then the also application shows in the recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to an invalid password
Reports- Records are displayed after 11min approximately

3.1.5-Beta

New Feature

UI/UX - Workflow Inbox User detail will now have applications detail as well assigned to the user.
UI/UX - Workflow Inbox will have a start date and end date filter
User delete workflow support a. Workflow configuration support b. Rule configuration support
CISO Dashboard - REVERTED
Amaya || General Config-based role data type

Fixes

PAM write admin not able to assign users, user list not populating
Policy map- Empty value are getting saved in policy mapping
Workflow Rule update - View - Created by and updated by fields are empty
Superset - OpenId issue - While doing sso for superset application, it should is getting redirect superset url with error "The request to sign in was denied"
Threshold configuration- Replace could be to can be
Policy Map- When searching in the search box by any attribute, the search should get reset after changing tabs
Onboarding - Login credentials timeout error
Application- When searching user in application, user can be searched by first name, last name, login id but not by First name+lastname
PAM write admin not able to assign users,user list not populating
TOTP-Lookahead window change , on click save button show warning message,
User delete Workflow - Pending Workflow - Application details tab is not present

Known Bugs

Manager notification: receiving user name required manager name
In the application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
Reports- Records are getting displayed after 11min approximately
Deprovision Rule executed via Scheduler - Workflow is not getting initiated for the set of users on the basis of status/end date
Workflow List - Getting error " Contact system administrator" on technova tenant

3.1.7 - Product Release

New Features

Due to the limited resources in QA env and to ensure effective utilization, we are not currently proceeding with the new development to the recommendation service from both the backend and UI at this time. Hence, we kindly request you to exclude the recommendationsrvc service from the QA environment during deployment until further notice.
CISO Dashboard service deployment remains the same as the last release since the sprint release for the same is mid-next week. (EoM - September 2024)
Reconciliation Enhancement a. Reconciliation Job Notifications b. Reconciliation Job Dashboard c. Handling of Partial Job Failures d. Reconciliation Filters
Email Configuration Update a) Mail Username and Password fields no longer require validation, allowing them to be empty. This is because some email servers do not require authentication. b) Other fields, such as Mail Port, Mail Host, and Mail Sender, still require validation to ensure proper email functionality

Fixes

Form logic-When TAT is executed then in the detail show the message "Form Logic Workflow Rejected by system"
Assign Application- The application page not getting refreshed automatically after deleting/assigning applications.
Amaya Policy Mapping- The search button should be present.
Amaya || Validation prevents the usage of variables in the URL
FormLogic || Step 2 of form || Form config JSON should be mandatory
Amaya- The present header key disappeared when saving the value
Quick setup policy mapping- When any fields are not filled and an error is shown, the user should be taken to the error field
Amaya>Policy Mapping- Showing repeated validation message on UI when clicking on the reset button
Amaya- When the JSON body type is changed from raw to any other format, the previous type is cleared, but the response is not being updated accordingly
Amaya- After 3-4 attempts of clicking the validate/save button, the validation message is no longer being displayed.
Form logic-form detail-Need to provide rule link.
Staging Users - Version History - Change the text "Update Version" to "Updated Version"
Form logic-When TAT is executed then in the detail show the message "Form Logic Workflow Rejected by system"
Onboarding- The page is being skipped when the "Create User" popup box is clicked outside of it.
Audit log- UI layout is getting distorted for long role name
Application role- The Role page layout is getting distorted when a role with a long name is created
Application Role- When a role with a long name, including spaces, is created, the UI (specifically the Cancel and Save buttons) is affected while unassigning the role from a user account.
Application Role- UI is getting impacted.
Selfservice mobile app-inbox-User detail not showing.
CSV Bulk Import- When a bulk file is imported via CSV, attribute fields take time to load
Amaya Policy Mapping- The search button should be present.
Workflow || Additional Form Info || Readonly text-based form submissions
Policy map- Empty values are getting saved in the policy mapping
Amaya- When the JSON body type is changed from raw to any other format, the previous type is cleared, but the response is not being updated accordingly
UI new user walkthrough- Sentence correction needed
UI new user walkthrough- Description should be changed
Quick setup policy mapping- When any fields are not filled and an error is shown, the user should be taken to the error field
Amaya- After 3-4 attempts of clicking the validate/save button, the validation message is no longer being displayed.
Form logic-Form table-sorting not working
Form logic-Pre and post hook should be nonmandatory
Form logic-User submissions-Provide date filter
Form logic-on all screen search only works for the exact case, expected should work for matching cases.
Partner portal-add user-country list not loading.
CSV Bulk Import- When a bulk file is imported via CSV, attribute fields are taking time to load.
Form details UI is different in Pending and Completed Workflow than showing in the selfservice inbox section.
Form logic-Selfservice app-My Requests-form detail not showing
Skip Password Expiry- Session expires when the refresh button is clicked having skip password expiry enabled
FormLogic || Unable to save rule after changing condition

Known Bugs

Manager notification: receiving user name required manager name
In the application setting if to user flag is off then the also application shows in the recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to an invalid password
Reports- Records are displayed after 11min approximately
Deprovision Rule executed via Scheduler - Workflow is not getting initiated for the set of users based on status/end date
Workflow List - Getting error " Contact system administrator" on technova tenant
FormLogic || Step 2 of form || Form config JSON should be mandatory
Recon - Abort sync state - System is getting auto abort and failure log showing nothing and
Recon Dashboard History> Search field- A Placeholder should be added specifying search is applicable for only the application name, also No data found should be shown and pagination should get clear when the page is empty
Recon Failure sync status - Showing "Reconciliation In Progress" in fail status
Application Recon History- Slider should be added at the bottom
Recon Dashboard history- Users/groups are getting created in Cymmetri even when the process is aborted from the dashboard

3.0.x Consolidated

(3.0.1 - 3.0.12)

3.1.x Consolidated

(3.1.0 - 3.1.6)

VERSION

New Features

Fixes

Known Bug

3.1.0 Beta (02 May 2024)

Add a Welcome Guide when no nodes are added
Amaya Operations cards messages updated
Tooltip DX enhancements
Add confirmation dialogue when the request method is missing
File Upload Validations based on filename length and file size: File validation applied on User Bulk Imports, Group Assignments, Application Assignments, Role Imports, and Upload metadata SSO. Branding Image upload applied image size validation and image name length validation. Validation is also applied on self-service User avatar upload and application icon upload.
Cymmetri Verify App issuer format is changed now so there wont be duplicate record creation from now onwards, earlier we did not take into account of the environment but now we are considering that as well

Deprovision Via scheduler when threshold value is set:- Past date user is also getting deprovisioned when rule is applied on status
Application-Role-One role mandatory, validation should be present at least one active
Node name without spaces overlap
Amaya- Not able to drag down node which is at the top most corner
Campaign - Campaign action reminder email time calculation wrong
Campaign- Campaign is getting aborted and summary is showing blank when campaign for local group is executed.
Custom attribute - When custom attribute filter is applied in users, showing no users found
Workflow- Preference config box is not visible while deprovisioning application
Self service app: While setting up secret question authentication in mobile app, user need to click twice on question field.
User activity Ascending Descending not working
Amaya Connector Recon- Showing duplicate role remarks, but in duplicate field showing 0 records
Identity Hub- Groups- After editing groups when on application / activity page user is redirected to users page by default
My workspace> Create new tags- showing older suggestion as soon as clicked on new tag field
AD Application - View attribute is empty
Tenant registration | Pressing tab key glitches UI
Missing error code mapping
Grade Workflow- When workflow preference config is set to visible, and workflow is applied for user creation, then popup box is showing user list but in pending showing unknown instead of user list
Amaya- When the back button is clicked, a save/discard popup box will appear. However, clicking anywhere on the page directly navigates the user away from the operation page.
Amaya - Save/Discard popup box should not be shown when user is trying to go back without saving any changes.
Mobile app- Secret question- Field is showing required even when data is present in field
Cymmetri Verify app- Password recovery should be provided for Exported TOTP user files in case user forgets the password
login via Authenticator-identity provider is inactive then also user able to login.
syslog-configuration- UDP test, for invalid IP also giving success. Unable to have TOTP account for same username on different environments .

Manager notification: receiving user name required manager name
Workflow initiated for form but form is getting updated without workflow approval.
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is em

VERSION

New Features

Fixes

Known Bugs

3.1.2 Beta (26 July 2024)

Workflow self-approval module updated to support custom attribute (type :user type and Converter Type: String ) as condition parameter.
Teams config module updated to support custom attribute (type :user type and Converter Type: String ) as condition parameter.
On behalf module updated to support custom attribute (type :user type and Converter Type: String ) as condition parameter.
Auth Rule module updated to support custom attribute (type :user type and Converter Type: String ) as condition parameter.
Quick Setup - Setup applications using pre-defined operations
Import-Export App Configuration - Transfer configurations of application smoothly between tenants, simplifying the setup for users by ensuring all configuration, including user configurations, server configurations, and policy maps, are accurately migrated.
Removal of Deprovision Rule Exclusion Applications Field: a) Manual Execute Deprovisioning b) Deprovisioning via Scheduler c) Update Threshold Delete Config d) Deprovision Rule Updation e) Backward Compatibility f) Suspend or Resume User g) Impact on UI
Access review reject process updated, on rejection workflow support added.
SAML Single Logout
New screen that will show loading on UI till tenant creation is completed once OTP is verified
Interchanged position of login id and email on add/edit user for better UX.
Add support for page number field for pagination in Amaya
360 Recon
Lotus Notes Connector
Application Policy Map (Active Directory) samAccountName is compulsary for Create only flag in User as well as Group (AD application new bundle - When SAMaccount name is set to false in Group policy map, members are not assigned in group when recon Pull is executed for both exist=Update).
Added Warning information and warning popups (Only UI changes no impact on backend functionality): a. Creation of user manually. b. Updation of user manually. c. Bulk upload csv (creation of user) d. Manager assignment e. Policy map creation and updation f. Reconciliation Pull operation g. Reconciliation push operation h. Selfservice ➝ Teams: i. Creation of user ii. Updation of user
Removal of Email validation from backend

User info page gets crashed while user edit fails
Import/Export of App Configuration
Amaya- Detailed description of failed/executed logs should be shown
AD application new bundle- Group link attribute in db is empty, users are not getting updated in group
AD policy map- Spaces should be trimmed automatically if included while creating a policy attribute
Tenant creation not working
New tenant Registration- Showing subscription end for tenant which is not even registered completely
Secret question configuration- Admin user should be able to delete secret question when not in use
Secret Question-When a question is already in use and user trying to delete question then it should not display successful delete message
Secret question- Displaying removal validation message when editing a question
User> Activity- Add cross (x) button to clear the selection
Onbehalf Config - If Description is kept blank , no error message is getting displayed on screen while saving.
Team Config - If Description is kept blank , no error message is getting displayed on screen while saving.
On Behalf config- When the view button is clicked, the user is still able to check or uncheck the boxes
Custom attribute- Even when a custom attribute is disabled from the configuration, it remains visible in the policy map selected dropdown menu
Users - View User- Custom attribute fields text UI is breaking
Custom Attribute- Require text change in success message to " Custom Attribute activated successfully"
Edit User - After deactivating the already assigned custom attribute, in edit user , system is showing info "xyz" attribute is inactive for active custom attribute also.
Identity Hub- When clicked on edit info from user menu action, user account edit page should get open instead of user display page
CTRL+K: When any feature/module is already opened and user press ctrl +k button from keyboard then search filter modal is getting opened at back
Delegation - Delegator and Delegatee consent should not get updated if user has already set some other consent
Users> Group- Rename the label from 'Delete' to 'Unassign'.
Audit- Logs for deprovisioned user is getting repeated.
Custom Field- Policy Map- Date is not showing in correct format
Mobile app- When clicked on user name for first time after killing app , keyboard is getting hidden
Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.
Global search (Ctrl+K) - even if characters are not matching still showing suggestions
User setting- Error message should be shown when any action is performed and when landing/refreshing setting page
Cymmetri Selfservice App - Need to change the message showing in popup screen while TOTP is getting authenticated.
Mozilla Browser specific- User getting stuck when password less Webauthn is On
Application - SSO - While clicking on Preview assertion , getting error "processing please wait"
Product menu getting hide on workflow page: a. Menu action- Displaying an error message when a user already has one role assigned and tries to assign a menu action.
User info page gets crashed while user edit fails
Import/Export- Showing error message when importing file into new tenant (AD specific)
Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.
Quick setup- Data is not getting reset after closing policy mapping popup box, but getting reset when clicked on "I ll do later button"
Add Page Number support for Amaya
Application - SSO While saving the same config in two applications, while clicking on Edit SP config , popup showing do you want to continue editing the SP configuration? but only continue button is given
Application - SSO - While saving the configuration in new application, save button loader is loading continuously
360 recon-Hide runnow button from detail view
360 recon dashboard filter-add dropdown for break type
360 recon dashboard-label change account overdue to account overdue in the target (also add some info on i icon what is this)
360 recon-Already running recon need to handle,disable play button or show message
360 dashboard-make label consistent
360 recon dashboard-action details showing blank
360 Degree recon-For execution showing error
360 Degree Recon- History some time loading some time not
Recon 360 recon- Validation message for missing data is not required as it already shows no data found on page when recon is not executed at all
360 recon dashboard-action details showing blank
360 dashboard-Search not working on break type
360dashboard-loginid filter not working
360 recon detail data showing mismatch
360 recon execute audit log not present
360 recon dashboard-on 2nd run details getting repeated
Amaya Azure- Showing route issue error message
Import Application- UI for name is not proper
Import/Export- Recon is not working for AD new application bundle
Teams config - while removing the condition in Group condition, showing error " Please try again"
On Behalf config - while removing the condition in Group condition, showing error " Please try again"
Teams Config - If condition is kept blank and save is clicked , getting error " Please try again"
On behalf config- If condition is kept blank and save is clicked , getting error " Please try again"
Import/Export Application- Convertor field types in policy map is not getting imported
Import/Export - When any application configuration is imported into a new tenant, the user should be redirected to the application provisioning page after the upload
Import application- Showing an error message when importing an Amaya-based application if the exported application was without the policy map checked
Amaya- Policy Map Password attribute datatype identified as password instead of string
Amaya- Rename all operations(Test, Search, Sync, etc....) in sentence case
Workflow- Even after updating Grade as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- After updating the user list as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- When the level 3 approver is updated in the workflow, a 'Workflow Not in Range' error message is displayed.
Workflow- Even after updating the reporting manager as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- When workflow over workflow is applied 2nd level approver is not getting updated
360 recon should consider full sync
360 recon fails then that 360 recon should be abort
Amaya Felicity Role assignment- Taking time to provide error message
Deprovision- Exclusion Application- Application going in pending deletion state when that particular application is added in exclusion application while manually deleting user from Identity hub
360 Recon sync with bulk data showing heap size issue
AD new application- User list is not getting displayed showing urersrvc unknown error.
My workspace> Inbox- When workflow assignment is reassigned by admin, then previous approver should not be able to accept or reject request if page is already open in previous approver account.
Inbox - Workflow Request for setup for application - Need to enhance the details as per user interface.
Error in the server log-authsrvc ,No impact on functional flow
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Campaign - Reviewer can approve self review request
Campaign not getting end, for tenant 2711
Workflow TAT- Workflow is getting aborted when grade is set at second level approver and set TAT time is over
Workflow TAT- Workflow is getting aborted when 2 level approver is set and set TAT time is over
Workflow TAT- Workflow is getting aborted when workflow approver is assigned to user list
Workflow TAT- Showing error when user is not present and TAT is over
Workflow TAT- Showing unauthorized error when TAT is over and operation is getting aborted
Recon pull- with both exist link, audit detail not showing
Workflow rule configuration-on edit workflow ,previously selected role getting save
AD new bundle- Managed View- View should be proper while separating multiple OU in proxy addresses
AD new bundle- Manager and account expiry is not visible in Managed view
AD new bundle- managed view- Value is not displayed in proper format in Name in managed view
AD new bundle- Managed View- Showing different Start time/created time
In User creation workflow L1 - User List approved , L2 - reporting manager , after TAT is expired , request is not getting auto reject.
Pending Workflow List - If approver is User list and Grade then it should display in Current Assign in pending list
User Workflow - If reporting manager is set as 2 level approver , reporting manager is showing as Unknown
Policy Map- When attribute is searched via search button and that attribute is deleted then other attributes are not getting loaded
Profile Picture- After clicking once on the upload button, that button should be disabled
PAM-Server access not getting terminated even after time end (Related to HA environment only)
User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type
Pending Workflow -If L1 approver is User List , then while clicking on the info icon, popup not showing user list .Also it is " Grade List Details"
PAM-Server access not getting terminated even after time end (Related to HA environment only)
Workflow Rule - Workflow is initiated when group is set as approver , group is not visible on popup screen
AD new bundle>Group- When the "Sam account name" update checkbox is unchecked and user attempt to update the description, the description does not get updated in AD
deployment_analytics_1 Service CPU utilisation is 100%
Import/ Export- When file is exported from different env (Dev) and imported to QA env, then credentials are also imported along
Security Bug Fixes :- E2E request/response payload encryption for all APIs of authservice

manager notification : receiving user name required manager name
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
In forgot password/password breach condition-asking disabled MFA factor also
Amaya-Autofill policy map, When value is not present to the user at the time of application then amaya passing "$." to the target
Campaign - Reviewer can approve self review request
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Remote Group- AD Application- When users are removed from a remote group in Cymmetri, those members should also be removed from the group in Active Directory
Amaya- Client id should be visible in encrypted form
Provision Rule - While creating and configuring the custom attribute as "New ", system is not initiating the rule.
AD new bundle- When an AD application is assigned to a remote group, the application is highlighted in the background while assigning but disappears as soon as the application popup box is closed
Reports- When report is scheduled, Scheduler history is showing content not found and execution status is getting aborted
AD Application- When Ad test provision is failed, and user trying to delete application from user account, then application should go in fail deletion state
Audit- Taking time to load audit logs
AD Application- Showing error when inserting start date in AD
In application setting if show to user flag off then also application show in recent application.
User lock- When a user account is active, and the same account is logged in through another browser and by any means account gets locked, the first session should get terminated.
Branding- When show Unlock link from branding is kept as No, and admin user account gets locked, then user is not able to unlock account from login page
Application- When user is adding /removing role then it is not getting reflected without refreshing
group push-not taking user in AD at the time of update
Passwordless- WebAuthn; Showing not allowed error
Delegation-On behalf: when login by delegate and on-behalf condition is not satisfied still showing on-behalf toggle button and getting removed when refreshed
AD Application- Group name should not accept space while creating or updating group name
Audit- Audi log should show log when user is not getting any records in Recon history but showing task executed

VERSION

New Feature

Fixes

Known Bugs

3.1.3 Beta (26 July 2024)

User Threshold: a. A UI change has been made in the general configuration for the threshold. b. Creation of user c. Updation of user d. Deletion of user e. Staging for user threshold f. Retry staging user from staging dashboard. g. Archive for user threshold h. Notification for user threshold
User directory search API updated for quick search (keyword): a. Support dropped for: grade, userType, department, designation, custom-attributes b. Supported on: employeeId, email, mobile, firstName, lastName, middleName, displayName, login
Data logger service version info added.
Tenant registration database creation process optimisation.
Pending Workflow Inner page applied functionality to reassign user from inner page
Added QR code zoom feature on FIDO, TOTP and push Authenticator scanner.
VPT: Modify routes of api - /usersrvc/api/user/directory/list/{appId} remove user role form routes.
Custom Attribute support in following Workflow Rule Events a. User Creation b. Application Provisioning c. Application Deprovisioning d. Application Update
Added the following templates in Amaya Quick Setup: • Atlassian • Zoho CRM • Zoho Desk • Zoho Books • Zoho Expenses
Provided support for integer values for ROLE assignment through Amaya.
Tenant Registration Process Resumption: In the event that the tenant registration process is interrupted, it can be seamlessly resumed and completed using the existing account configuration. The registration process can be resumed from the following stages: a. Pending OTP Verification b. Incomplete Credential Setup
Active Directory || SimpleAD Connector upgrade: a. UserAccountControl attribute support added b. memberOf attribute support in manage system viewer c. ProxyAttribute attribute support added
External IDP SSO: a. added support to login into cymmetri as external identity provider as idp initiated sso.
SAML IDP SSO: a. added support to send idp initiated (cymmetri) sso response to cymmetri as service provider.
TOTP Config
Removal of Email validation from backend
DataLogger | Refer configuration steps here: a. data-logging framework optimisation. b. Full sync support, this step is optional step and required only if, • Tenant audit database is not present, or • Tenant audit database is corrupt so fresh setup is required.

Error in the server log-authsrvc ,No impact on functional flow
Team config - Create - Discard button issue - After clicking not able to add the details in condition section
Rule engine- Remove "above" word from note
login with admin-Campaign detail show role also, currently role showing only for campaign manager
Amaya API returning null if error instead of error and errorCode
Hide metabase analytics
Workflow rule configuration-on edit workflow ,previously selected role getting save
User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type
Pending Workflow -If L1 approver is User List , then while clicking on the info icon, popup not showing user list .Also it is " Grade List Details"
Identity Hub- Pending initial login symbol is visible far away from user name
On behalf configuration - While disable and enabling the toggle,popup message shows "This change will take effect on user's next login" but it is getting reflecting on the fly.
On-behalf>Delegation- On behalf menu is not visible when logged in via Delegatee account
SSO- Group mapping- Save button should be enabled when mandatory fields are filled
Workflow- Even after updating the reporting manager as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Global search (Ctrl+K) - even if characters are not matching still showing suggestions
Product menu getting hide on workflow page
LDAP connector-LDAP SSL should be save in Boolean in the DB
User setting- Error message should be shown when any action is performed and when landing/refreshing setting page
User setting- External idp rule is active-An admin user should not be able to lock a user when the external IDP rule matches the user condition
Schedule history-ad by default todays filter for from and to
Teams config- When the view button is clicked, the user is still able to check or uncheck the boxes
Menu action- Displaying an error message when a user already has one role assigned and tries to assign a menu action.
Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.
Lifecycle Management - All menus - Discard button is not working as expected.
Application - SSO While saving the same config in two applications, while clicking on Edit SP config , popup showing do you want to continue editing the SP configuration? but only continue button is given
Application - SSO - While saving the configuration in new application, save button loader is loading continuously
Amaya- Rename all operations(Test, Search, Sync, etc....) in sentence case
Group Policy map- For group custom attribute Cymmetri field type should be automatically selected as working in users custom field
Teams config - while removing the condition in Group condition, showing error " Please try again"
On Behalf config - while removing the condition in Group condition, showing error " Please try again"
Teams Config - If condition is kept blank and save is clicked , getting error " Please try again"
On behalf config- If condition is kept blank and save is clicked , getting error " Please try again"
Import/Export- Showing error message when importing file into new tenant (AD specific)
Import application-show error message user or groupwise
Import application- Showing an error message when importing an Amaya-based application if the exported application was without the policy map checked
Import/Export - When any application configuration is imported into a new tenant, the user should be redirected to the application provisioning page after the upload
Amaya Azure- Showing route issue error message
Import/Export Application- Convertor field types in policy map is not getting imported
Import/Export- Recon is not working for AD new application bundle
Workflow- When workflow over workflow is applied 2nd level approver is not getting updated
Workflow- Even after updating Grade as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- After updating the user list as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- When the level 3 approver is updated in the workflow, a 'Workflow Not in Range' error message is displayed.
Workflow TAT- Workflow is getting aborted when workflow approver is assigned to user list
Team config - Create - Discard button issue - After clicking not able to add the details in condition section
Import/Export- By default, the time in the application name should be removed when exported
Rule engine- Remove "above" word from note
login with admin-Campaign detail show role also, currently role showing only for campaign manager
Hide metabase analytics
Error in the server log-authsrvc ,No impact on functional flow
AD new application- User list is not getting displayed showing urersrvc unknown error.
Campaign not getting end, for tenant 2711
Workflow rule configuration-on edit workflow ,previously selected role getting save
AD application new bundle - When SAMaccount name is set to false in Group policy map, members are not assigned in group when recon Pull is executed for both exist=Update
My workspace> Inbox- When workflow assignment is reassigned by admin, then previous approver should not be able to accept or reject request if page is already open in previous approver account.
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Workflow TAT- Workflow is getting aborted when grade is set at second level approver and set TAT time is over
Workflow TAT- Workflow is getting aborted when 2 level approver is set and set TAT time is over
Workflow TAT- Showing error when user is not present and TAT is over
Workflow TAT- Showing unauthorized error when TAT is over and operation is getting aborted
User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed
Pending Workflow -If L1 approver is User List , then while clicking on the info icon, popup not showing user list .Also it is " Grade List Details"
AD new bundle>Group- When the "Sam account name" update checkbox is unchecked and user attempt to update the description, the description does not get updated in AD
Import/ Export- When file is exported from different env (Dev) and imported to QA env, then credentials are also imported along
Identity Hub- Pending initial login symbol is visible far away from user name
On behalf configuration - While disable and enabling the toggle,popup message shows "This change will take effect on user's next login" but it is getting reflecting on the fly.
In User creation workflow L1 - User List approved , L2 - reporting manager , after TAT is expired , request is not getting auto reject.
On-behalf>Delegation- On behalf menu is not visible when logged in via Delegatee account
Import Manager-Manager is deleted and user trying to assign then in the import history showing success but in audit showing failed
Application delete-Campaign-Deleted application available for review
AD new bundle- User policy map- When Sam account name is mapped with any attribute and update checkbox is kept false, and user is updated, audit log is showing failed
Workflow>Inbox- Address fields name in inbox /pending workflow and identity hub users are not same
SSO- Group mapping- Save button should be enabled when mandatory fields are filled
Campaign-email report showing error
deployment_analytics_1 Service CPU utilization is 100%
Application - Form - When submitted as blank, after assigning the application page is getting blank.
Reports- Records are getting displayed after 11min approximately
Csv Import users- An error message is not shown when the user is unable to save user details if a space is included in the email
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
User Workflow - If reporting manager is set as 2 level approver , reporting manager is showing as Unknown
Workflow>Inbox- Address fields name in inbox /pending workflow and identity hub users are not same
Export- Rename Config type to Select All
MFA- When default MFA rule is inactive, user is able to delete default rule as well
Amaya connector>Policy mapping- Bottom slider should be fixed
Amaya || Validation preventing usage of long valid header
Amaya Connector- By default only green colored (confirmed policy attributes) only should be checked
Amaya Quick Setup- When an auto test run fails and operations are manually updated, clicking 'Generate Policy Mapping' should exit the page.
Application delete-Campaign-Deleted application available for review
Import Manager-Manager is deleted and user trying to assign then in the import history showing success but in audit showing failed
Import/Export- By default, the time in the application name should be removed when exported
SSO - OpenID - Configure CIDR - Add - While clicking on Add icon without entering any details , blank data is getting added.
SSO - OpenID - Configure CIDR - While clicking on delete icon ,no message is getting displayed and entry is getting removed
Workflow List - View - Showing label as "Custom Workflow "
Import/ Export- Application name while importing file should be limited to 50character
Application - SSO - SLO toggle enable/disable audit log
SOD; policies-Policy owner name is not getting updated after updating user name from Identity hub and without owner name policy is getting saved
AD new bundle- When recon is executed for both exist update but application is not linked, still user is getting updated.
Application - Form - When submitted as blank, after assigning the application page is getting blank.
Masters - Grade- While clicking on Add button it is showing edit page of existing record
Tenant registration- Showing suspicious popup box when clicked on verify your email
New tenant registration- If tenant is already on registration page then after clicking verify email from mail box should show tenant is already registered
Tenant registration- Taking time to register tenant
Email verification - Email verify link is redirecting to otp verification screen.
My Workflow> Teams- Add short menu button
Tenant creation not working
After release v 3.1.2, for old updated tenant campaign module is disabled
Portal-For module update showing error, already exist
Push and FIDO scan zoom functionality not available at the time of Device MFA
Push and FIDO scan zoom functionality not available at the time of application MFA
User setting- External idp rule is active-An admin user should not be able to reset user password when the external IDP rule matches the user condition

manager notification : receiving user name required manager name
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
User-Email with invalid email id like NA, this user not able to use MFA with OTP

VERSION

New Feature

Fixes

Known Bugs

3.1.4 Beta (13 August 2024)

UI/UX || Warning added || Application Config Import Modal || Auto 'Create Only' for User Principal policy mappings
A new feature has been developed for the "Recommendation Engine", enabling seamless integration and management of application and role recommendations. The recommendation engine supports the generation of personalised application and role suggestions for each user. The system supports the automatic synchronisation of data from various sources, ensuring that recommendations are always based on the user behaviour. All recommendation engine configurations, data synchronisation are stored and can be easily retrieved and updated as needed.
UI/UX || Amaya || Add support for JSON body validation through validate button
Audit log comparison for oldObject and newObject when they are in detailed format
UI/UX Inconsistent buttons placement in some module fixed to a default below position
UI/UX Onboarding walkthrough of New users
ICICI: a. The inbox title in the workflow setup event has been updated to display the workflow name. b. Workflow (Pending workflow list) requester and requestedFor column added for display
Identity Analytics (Reporting Engine)
End to End Request/Response Payload Encryption for all authservice's API. (/authsrvc/*)
User Threshold (Phase 2): i. Update Email Title and Template ii. Create a new 'Move to Archive' button to manually archive a user. iii. Make the notifications field mandatory in the User Threshold Configuration. iv. Added the Org Admin as the default notifier in the user threshold configuration.(Not supported for old tenant). v. Update UI Error Message Format vi. The User Threshold staging mode name has been changed. vii. Failure to Move Staging User to Archive Manually and Audit Log Display for fail. viii. The changes made to the staging dashboard view. Include a comparison between the previous and updated versions of the UI. ix. Show the display name in the Threshold Delete operation on the Staging Dashboard. x. Notification Field in User Threshold Config for delete users.

Amaya- When server connector timeout is changed and test configuration is clicked, it is showing "connector not found in cloud" error in Audit log
Import User - If loginid already exist , then remark shows "Usrsrvc.existing Login" . Change this text to "Existing Login Id"
Import/Export- Showing host server details when file is imported for script connector
My Access - Tags - Roles is not getting displayed in Application
Application - Clicking on the role tile ,SSO is happening and also while clicking on close icon, SSO is happening
Applications- When any attribute is updated (made empty in the target application) and recon for both exist operation is executed, the corresponding attribute in Cymmetri should also be cleared
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed (To correct the data need to perform data-logger sync for respective tenant. Refer configuration steps here)
Deprovision- User is getting deprovisioned even after user status is changed to Active from Inactive
User threshold mail notification- Title changes required
Audit log-Recon - When recon is executed with status as Inactive, audit log is showing "Recon initiated successfully" but not any log for execution failed/aborted
Audit Filter- Add cross button in Target Type and Action field.
Threshold Config- Validation message for all three operations should be similar
Threshold Create/Update- Spelling for exceeded is not correct
Notification Template - Toggle and status should display in status column as per other modules.
Create User- While creating user on newly created tenant, assign group page showing text "No group assigned , assign group"
User setting- External idp rule is active-An admin user should not be able to reset user password when the external IDP rule matches the user condition
Create user - While creating user on newly created tenant, assign application page showing text "No data found, add application"
Audit Filter- Add cross button in Target Type and Action field.
Portal-For module update showing error, already exist
My Access - Tags - Roles is not getting displayed in Application
Threshold Config- Validation message for all three operations should be similar
Threshold Create/Update- Spelling for exceeded is not correct
Notification Template - Toggle and status should display in status column as per other modules.
Create User- While creating user on newly created tenant, assign group page showing text "No group assigned , assign group"
Create user - While creating user on newly created tenant, assign application page showing text "No data found, add application"
Group Unassignment: The message appearing on group unassignment is incorrect
Push and FIDO scan zoom functionality not available at the time of Device MFA
Push and FIDO scan zoom functionality not available at the time of application MFA
Campaign Reassign -inactive users are also listed for reassignment on click
Login page- AD auth- Provide proper UI message when AD adapter details are incorrect
Amaya- When server connector timeout is changed and test configuration is clicked, it is showing "connector not found in cloud" error in Audit log
Import User - If loginid already exist , then remark shows "Usrsrvc.existing Login" . Change this text to "Existing Login Id"
User threshold- Pending Staging- When changing page select all box should be unchecked.
Threshold Pending staging- Whenever the page changes or the number of records per page is modified, the selection should be reset
Import/Export- Showing host server details when file is imported for script connector
Threshold pending staging- When the retry button is clicked multiple times, the validation message does not appear after the third click on UI
Application assignment- Change user search suggestion watermark
Onboarding registration- When resolution is at 80%, PAM report admin option is not visible in dropdown
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed
After release v 3.1.2, for old updated tenant campaign module is disabled
Onboarding registration- When an application is selected and then reverted to the previous page, selecting the application again causes the application count to double
External JIT- JIT configuration should be disabled until new external idp configuration details are filled
External IDP- JIT- API is showing "undefined" error on clicking JIT button and on enabling JIT configuration
External IDP- JIT- Reverse the title, it is confusing for user
MFA - Secret Question - Question selection is getting non-selectable after entering incorrect answers and then retrying for correct answer
My workspace>Inbox- Count is not showing when records are in claim
Reports( Employee's with upcoming contract end date) - By default date filter should be applied of 30 days
Provision Rule - Cursor of the condition is getting overlapped with footer of the page.
Onboarding - Login credentials timeout error
My Access - Superset Application logo and label should be changed
Applications- When any attribute is updated (made empty in the target application) and recon for both exist operation is executed, the corresponding attribute in Cymmetri should also be cleared
Deprovision- User is getting deprovisioned even after user status is changed to Active from Inactive
Audit log-Recon - When recon is executed with status as Inactive, audit log is showing "Recon initiated successfully" but not any log for execution failed/aborted
User threshold mail notification- Title changes required
Application- Managed view- When manager is removed from Cymmetri, user is still getting displayed in managed view
Create Threshold Config> Csv import- Showing empty records in pending staging list when threshold limit is exceed and user are imported via csv file
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed
My workspace>Inbox- Count is not showing when records are in claim
login with admin-Campaign detail show role also, currently role showing only for campaign manager
Cymmetri Selfservice App - Once we click on the web link from scanner , it should show confirmation popup on screen (Suggestion)
Selfservice Mobile App - When app is in Quit state and open the app via scanner(camera), it is not redirecting to login page of the website
Push Authenticator - Need to change the error message
User creation- While creating new users then going to next level that is on groups page and then on application page ,then user should be redirected back to the group's page when back button is clicked instead of existing user creation page
Showing error when saving workflow with name( User creation, Application provisioning, Application deprovisioning)
deployment_analytics_1 Service CPU utilisation is 100%
Campaign-email report showing error
Some time tenant registration not working,showing WriteConflict error in the service
Application provisioning and deprovisioning workflow initiated request is not getting displayed in activity logs.
Workflow Rules - Application Deprovisioning event - If condition is set as RegEx for custom attribute is not working
User update-Showing audit failed-Write conflict
Report - Updated record should display on top.
Auth rule showing unknown error
Workflow List - View any workflow detail - While clicking on info icon it is showing Grade List Detail
AD-Recon-If Policy attribute marked inactive then also it is getting pull from AD
Login via Application admin- When click on application showing processing please wait error message
Applications- Application are not getting assigned to user and also audit log is not visible for the same
PAM write admin not able to assign users, user list not populating

manager notification : receiving user name required manager name
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
Reports- Records are getting displayed after 11min approximately

VERSION

New Feature

Fixes

Known Bugs

3.1.5 Beta (6 August 2024)

UI/UX - Workflow Inbox User detail will now have applications detail as well assigned to the user
UI/UX - Workflow Inbox will have start date and end date filter
User delete workflow support a. Workflow configuration support b. Rule configuration support
CISO Dashboard - REVERTED
Amaya || General Config based role data type

PAM write admin not able to assign users, user list not populating
Policy map- Empty value are getting saved in policy mapping
Workflow Rule update - View - Created by and updated by fields are empty
Superset - OpenId issue - While doing sso for superset application, it should is getting redirect superset url with error "The request to sign in was denied"
Threshold configuration- Replace could be to can be
Policy Map- When searching in the search box by any attribute, the search should get reset after changing tabs
Onboarding - Login credentials timeout error
Application- When searching user in application, user can be searched by first name, last name, login id but not by First name+lastname
PAM write admin not able to assign users, user list not populating
TOTP-Lookahead window change , on click save button show warning message,
User delete Workflow - Pending Workflow - Application details tab is not present

manager notification : receiving user name required manager name
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
Reports- Records are getting displayed after 11min approximately
Deprovision Rule executed via Scheduler - Workflow is not getting initiated for the set of users on the basis of status/end date
Workflow List - Getting error " Contact system administrator" on technova tenant

Version

New Features

Fixes

Known Bugs

3.1.6 (10 September 2024)

Form Logic - The FormLogic functionality, enables you to store custom data using flexible, administrator-defined forms. It empowers you to create forms tailored to your specific data collection requirements, providing a versatile solution for various data management needs. 360 Degree Reconciliation - Compare tab added to the current feature, where user can compare with the source application and target application and further generate reports and download csv.
SkipPasswordExpiry - We are enhancing our Password Policy by introducing a new field
SkipPasswordExpiry, within the PasswordChangeRule. This enhancement allows users to opt out of the password expiry process entirely. When the SkipPasswordExpiry field is enabled, users will not receive warnings or notifications about password expiry, nor will they be prompted to change their password due to its expiration.
Connector: SimpleLDAP application.
ICICI Client - Role Based form delivery in IGA.
SDK based integration to send mobile push notifications to mitigate legacy API issues: a. Fido Based Notifications b. Normal Push Based Notifications The LDAP adapter has been updated with a new feature that eliminates the need to enter a username and password for each execution.

Form logic-Configured Forms -On click setting icon screen getting flicker
Selfservice Submit form-Update error message and backend error code if pre and post hook script h
Form logic-on form submit close form
Form logic-Selfservice-My Form Submissions pagination, page getting blank
Archived Forms detail-Revision data showing wrong, showing non existing list
Form logic-After changing form schema, form detail showing blank
Form logic-User submissions-Provide search by taskeid, username, loginid
Form logic-on all screen search only working for the exact case, expected should be work for matchin
Form logic-Form table-sorting not working
Form logic-Pre and post hook should be non mandatory
Form map with rule-if form map more than defined limit then error message showing only one time
Staging users details - Version history log user details not loading
Form logic-Configured form and archive form detail, back button behaviour is not as expected, need
Form logic-Form Access Rules-Link form, save button should be disabled till form selection
form logic- if request is timeout or fail then feature showing disabled
Form logic-User submissions-Provide date filter
Workflow || Additional Form Info || Readonly text-based form submissions
Timebased Application: Timebased application assignment message spelling incorrect
Deprovision- When applications are assigned via group and deprovision is executed all the application
Teams - Suspended Users - List View - Edit - It is redirecting to Users but showing a blank screen
Application Search: When clicking on "View More Applications" and searching for an application, the
Pending Staging- When no records are present on the page, the "Select All" button should be disabled
User Onboarding - Dropdowns are not loading when creating a user after adding an Admin during t
Global search - Pending action is not coming in global search

manager notification : receiving user name required manager name
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
Reports- Records are getting displayed after 11min approximately
Deprovision Rule executed via Scheduler - Workflow is not getting initiated for the set of users on th
Workflow List - Getting error " Contact system administrator" on technova tenant
FormLogic || Step 2 of form || Form config JSON should be mandatory

Starting your Cymmetri Trial

Enter your country, and phone number (mandatory to receive OTP), and enter a domain name for your tenant. In case the domain available message is not shown, choose a different domain name. Click on the Start Trial button.

You will receive an OTP on your mobile number from the previous step. Enter the OTP here and wait for a few seconds for your tenant to be created.

You will be redirected to your domain to create the first Organization Admin user. Ensure that your password matches the password policy.

You will receive a message to show that your tenant has been created.

Click on the Login button to proceed with the onboarding process
Enter your username and press Next

Enter your password and proceed with the setup of your tenant by clicking on the Login button.

Choose applications from the application catalogue, and click on the application icon for all the applications you wish to add. Then click on the Next button.

Enter details to create a second administrator account. Click on the Send Invite button to create an administrator. Click on the Next button to proceed.

(Optional) Add users if you wish to. Then click on Finish.

You will be redirected to the Dashboard to proceed with the system.

Next Steps:

Manage your users and groups.

Admin Dashboard

Cymmetri dashboard provides administrators with a centralized and visual representation of key information and controls related to identity management, access governance, and administration.

The dashboard serves as a command center for overseeing and managing the identity lifecycle, compliance, and other aspects of identity and access governance within an organization.

Upon Logging in the admin is landed on the dashboard where they can see the following:

Shortcut to configure recently added application - Configuration means adding roles, defining provisioning, reconciliation, SSO, etc.
Users Activity - Total Successful user logins in Cymmetri on that day
Accounts Locked - User account locked event on that day
Users Onboarded - New users being onboarded in the system on that day
Password reset - Password reset activity in the system on that day
Authentication stats - Number of successful and failed login attempts in a timeframe
App Identity - It displays the application reconciliation activity with respect to the users.

Cymmetri also displays some important system KPIs to the admin as shown below

Application - Number of applications onboarded in Cymmetri

Active Users - Total number of active users in the system

Total Users - Total number of users onboarded in Cymmetri

Roles - Total application roles created in Cymmetri

Workflows - Total approval workflows created in Cymmetri

Password policy - Total number of password policies created for user authentication in Cymmetri

Rules - Total rules created in the System for provisioning, MFA, approval workflows, etc.

Users unlogged - Number of users who have never logged in to Cymmetri

Additionally, there are some useful system shortcuts placed on the right side of the page to make faster business decisions.

Accessing Cymmetri

To access Cymmetri, users must use a web browser, such as Google Chrome or Safari, and enter the appropriate address in the address bar as shown below:

URL: https://<companyname>.cymmetri.com/login

Example: https://helpdocs.cymmetri.com/login

Once the address is entered it opens a page as shown below, where the users may enter their username and password to access Cymmetri.

Supported Web Browsers

Cymmetri supports the following web browsers:

Version of specific browsers supported by Cymmetri are:

DESKTOP:

MOBILE:

Cymmetri Error Codes

A comprehensive list of all known Cymmetri error codes and their summary understanding:

ERROR CODE

ERROR TEXT

CONNECTION_ERROR

Unable to connect. Please check your connection and try again.

USRSRVC.LAST_DATE_REACHED

The application's request end date is greater than the user's end date.

USRSRVC.MISSING_DATES

Incorrect dates Please ensure the selected date range is proper.

USRSRVC.EXPIRED_TIME_BOUND

Access request duration has ended

REGSRVC.UNKNOWN

Error. Please try again later or contact Cymmetri Administrator.

REGSRVC.USER_NOT_FOUND

User not found.

REGSRVC.INVALID_TOKEN

Token expired. Try again.

REGSRVC.OTP_EXPIRED

OTP expired. Please resend and try again.

REGSRVC.OTP_LIMIT_EXCEED

Otp limit exceeded.

REGSRVC.INVALID_OTP

OTP does not match. Please check & try again

REGSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

REGSRVC.INVALID_DOMAIN

Invalid Domain. Please try again.

REGSRVC.INVALID_CREDENTIALS

Invalid Credentials. Please try again.

REGSRVC.TERMS_AND_CONDITIONS_NOT_FOUND

Invalid Terms & Conditions. Please try again.

REGSRVC.INVALID_ACCOUNT_VERIFICATION_TOKEN

Invalid request. Contact Cymmetri administrator.

REGSRVC.DATA_IS_NOT_VALID

Invalid data. Please try again.

REGSRVC.PASSWORD_NOT_VALID

Invalid password. Please try again

REGSRVC.EMAIL_EXISTS

Duplicate Email Address. Please try again.

REGSRVC.DOMAIN_EXISTS

Duplicate Domain.

REGSRVC.DB_CONFIG_EXISTS

Database already exists. Contact Cymmetri administrator.

REGSRVC.USER_ALREADY_ACTIVE

User status is active. Contact Cymmetri administrator.

USRSRVC.MANAGER_NOT_FOUND

No Manager Found

USRSRVC.UNSUPPORTED_FILE_TYPE

Unsupported File Type

USRSRVC.UNKNOWN

Error. Please try again later or contact Cymmetri Administrator.

USRSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

USRSRVC.NONUNIQUE_GROUPNAME

Group name already exists. Please try again.

USRSRVC.GROUPTYPE_NOT_FOUND

Group type not found. Contact Cymmetri administrator.

USRSRVC.OU_NOT_FOUND

Organization Unit not found. Please try again.

USRSRVC.PARENTGROUP_NOT_FOUND

Parent Group not found. Please try again.

USRSRVC.GROUP_NOT_FOUND

Group not found. Please try again.

USRSRVC.USER_NOT_FOUND

User not found. Please try again.

USRSRVC.CYCLIC_UPDATE

Operation not allowed for current input.

USRSRVC.INHERITED_GROUP

Operation not allowed for current input.

USRSRVC.USERTYPE_NOT_FOUND

User type not found. Please try again.

USRSRVC.EXISTING_MOBILE

User mobile number in use. Please try again.

USRSRVC.EXISTING_EMAIL

User email address in use. Please try again.

USRSRVC.DEPARTMENT_NOT_FOUND

Department not found. Please try again.

USRSRVC.DESIGNATION_NOT_FOUND

Designation not found. Please try again.

USRSRVC.COUNTRY_NOT_FOUND

Country not found. Please try again.

USRSRVC.EXISTING_LOGIN

User Login ID in use. Please try again.

USRSRVC.APPLICATION_NOT_FOUND

Application not found. Please try again.

USRSRVC.APPLICATION_ROLE_NOT_FOUND

Application role not found. Please try again.

PROVSRVC.CYMMETRI_LOGIN_FIELD_NOT_CONFIGURED

Please configure Cymmetri Login field for Policy Mapping.

PROVSRVC.APPLICATION_TEST_FAILED

Provision Configuration failed.

USRSRVC.USER_NOT_PROVISIONED

User not provisioned. Please try again.

USRSRVC.CHILD_GROUP_FOUND

Cannot Delete as Child group found.

USRSRVC.GROUP_HAS_ASSIGNED_APPS

Group has assigned applications. Remove and try again.

USRSRVC.USER_ASSIGNED_GROUP

Cannot delete as User assigned to group.

USRSRVC.USER_MUST_PRESENT_IN_TARGET

User must present in target system before assign it to group.

USRSRVC.INACTIVE_USER

Inactive User cannot perform this action.

USRSRVC.INVALID_MANAGER

Invalid manager.

USRSRVC.MIN_ORG_ADMIN_RULE_VIOLATION

Admin role cannot be removed for this user.

USRSRVC.USER_ROLE_MAPPING_EXISTS

Role Already Exists.

USRSRVC.APPLICATION_ROLE_ALREADY_ASSIGNED

Application role is already assigned.

USRSRVC.APPLICATION_ALREADY_ASSIGNED

Application is already assigned.

USRSRVC.USER_ROLE_MAPPING_NOT_EXISTS

User role mapping does not exists.

USRSRVC.CANNOT_REMOVE_PROVISIONED_APPLICATION

Cannot remove already provisioned application.

USRSRVC.EMPTY_FILE

Empty file uploaded.

USRSRVC.SELF_STATUS_CHANGE_NOT_ALLOWED

This user cannot be deleted.

USRSRVC.MANAGER_ASSIGNMENT_REJECTED

Error. The manager assignment is invalid.

USRSRVC.INVALID_ENDDATE

The end date should be greater than start date.

USRSRVC.SELF_ROLE_CHANGE_NOT_ALLOWED

Self role change is not allowed.

USRSRVC.CUSTOM_ATTRIBUTE_MASTER_EXIST

Custom attribute already exist.

USRSRVC.CUSTOM_ATTRIBUTE_MASTER_NOT_FOUND

Custom attribute not found.

USRSRVC.DUPLICATE_NAME

Duplicate name record already exist.

USRSRVC.DUPLICATE_LABEL

Duplicate label record already exist.

USRSRVC.ATTRIBUTE_RIGHTS_NOT_FOUND

Attribute rights not found.

USRSRVC.REMOTE_GROUP_APPLICATION_NOT_FOUND

Application must present before assign user to remote group.

USRSRVC.REMOTE_GROUP_NAME_NOT_MODIFIED_EXCEPTION

Remote group name not able to update

USRSRVC.EMPTY_LOGIN

Something went wrong Please contact the administrator.

USRSRVC.TOO_LARGE_FILE

File size should not be more than {size}

USRSRVC.FORM_DEACTIVATED_EXCEPTION

Form is inactive

USRSRVC.ACTION_NOT_SUPPORTED

This action is not supported

AUTHSRVC.ACCESS_DENIED

Invalid Credentials.

AUTHSRVC.TENANT_EXPIRED

Free trial expired. Please contact Cymmetri administrator.

AUTHSRVC.UNKNOWN

Please contact system administrator.

AUTHSRVC.INVALID_TOKEN

Token is invalid.

AUTHSRVC.USER_NOT_FOUND

User not found.

AUTHSRVC.CANT_SET_FALSE_DEFAULT_PASSWORD_POLICY

Default password policy cannot be false.

AUTHSRVC.CONNECTION_FAILED

Connection failed.

AUTHSRVC.CANT_DELETE_DEFAULT_PASSWORD_POLICY

Cannot delete default password policy.

AUTHSRVC.INVALID_ARGUMENTS

Invalid argument.

AUTHSRVC.INVALID_AUTH_POLICY_CONFIG

Invalid auth policy config.

AUTHSRVC.ACCESS_DENIED_TOKEN

Session expired. Please login again

AUTHSRVC.ADAPTIVE_BLOCK_ACTION

Action blocked. Please contact administrator.

SESSION_EXPIRED

Session expired. Please refresh and try again

AUTHSRVC.NON_REMOVABLE_REFERENCED_ENTITY

Cannot modify IDP configuration till active under Authentication Policy.

AUTHSRVC.PASSWORD_POLICY_NAME_ALRAEDY_EXISTS

Password policy name already exists.

AUTHSRVC.PASSWORD_POLICY_CONDITION_ALRAEDY_EXISTS

Policy Conditions already exists.

AUTHSRVC.DEFAULT_POLICY_UPDATE_NOT_ALLOWED

Default password policy update not allowed.

AUTHSRVC.PASSWORD_COMPOSITION_RULE_VIOLATION

Password provided does not match the required guidelines.

AUTHSRVC.MOBILE_NOT_FOUND

Mobile number is not registered please contact Cymmetri Administrator.

AUTHSRVC.ALREADY_EXISTS

Name already exist. Please enter unique name.

AUTHSRVC.LDAP_ACCESS_DENIED

Access denied.

AUTHSRVC.CLIENT_EXISTS

API Client with same name already configured.

AUTHSRVC.USER_NOT_ACTIVE

Delegated user not active

AUTHSRVC.INVALID_AUTH_CONFIG

Invalid auth config

AUTHSRVC.PASSWORD_POLICY_NAME_ALREADY_EXISTS

Password policy name already exists.

AUTHSRVC.TRUST_DEVICE_MAX_DEVICE_EXCEPTION

Exceeded device trust max limit

AUTHSRVC.TRUST_DEVICE_EXPIRY_EXCEPTION

Exceeded expiration time for trust devices

AUTHSRVC.MULTIPLE_TRUST_DEVICE_CONFIG

Multiple trust device configuration found

AUTHSRVC.INVALID_GLOBAL_SESSION_CONFIGURATION

Invalid global auth configuration

AUTHSRVC.MULTI_SESSION_ACCESS_DENIED

Session(s) already in progress. Logout from all sessions to continue.

MFASRVC.UNKNOWN

Error. Please try again.

MFASRVC.USER_NOT_FOUND

User not found. Please try again.

MFASRVC.ALREADY_SENT_SMS_OTP

SMS OTP already sent.

MFASRVC.INVALID_SMS_OTP

Invalid SMS OTP provided.

MFASRVC.RESEND_COUNT_EXCEED

Allowed resend attempt exceed please try after some time

MFASRVC.PUSH_NOTIFICATION_FAILED

Failed to send the push notification. Please try again later or contact Cymmetri Administrator.

MFASRVC.MFA_CONFIG_NOT_FOUND

Multi Factor Authentication configuration not found.

MFASRVC.INVALID_ARGUMENTS

Error. Invalid request.

MFASRVC.QUESTION_NOT_FOUND

Question not found.

MFASRVC.DUPLICATE_QUESTION

Question field is duplicate. Please try again.

MFASRVC.INCORRECT_ANSWER

Answer field is incorrect. Please try again.

MFASRVC.INVALID_USERID

Invalid User. Please try again.

MFASRVC.INVALID_QUESTIONID

Question is invalid. Please try again.

MFASRVC.USER_NOT_REGISTERED

User is not registered for TOTP/Push Authentication

MFASRVC.EMPTY_QUESTION

Question field is empty. Please try again.

MFASRVC.FAILED_MINIMUM_CORRECT_ANSWER

Please provide correct answer for each question.

MFASRVC.INVALID_TOTP

Invalid Time based OTP provided.

MFASRVC.INVALID_ANSWER

Answer field is invalid. Please try again.

MFASRVC.QUESTION_NOT_REGISTERED

Question is not registered.

MFASRVC.NON_REMOVABLE_QUESTION

Question in use and cannot be removed.

MFASRVC.USER_RESPONSE_PENDING

User response is pending.

MFASRVC.USER_DENIED_ACCESS

User denied access.

MFASRVC.NOT_ABLE_TO_MODIFY

Not able to modify. Please try again

MFASRVC.INVALID_ANSWER_LENGTH

Invalid answer length

MFASRVC.DISPOSABLE_EMAIL

MFASRVC.FIREHOL_IP_REPUTATION

Ip reputation sync failed

MFASRVC.SYNC_PROCESS_RUNNING

Sync is in progress. Please wait

MFASRVC.IMPOSSIBLE_TRAVEL_NOT_FOUND

Config not found

MFASRVC.DEVICE_TRUST_NOT_FOUND

Config not found

MFASRVC.BLACKLISTED_LOCATION_NOT_FOUND

Config not found

MFASRVC.LOCATION_EMPTY

MFASRVC.BLACKLISTED_IP_NOT_FOUND

Blacklisted IP not found

MFASRVC.IP_ADDRESS_EMPTY

MFASRVC.MFA_NOT_FOUND

MFA not found

MFASRVC.INVALID_CONFIG

Invalid configuration

MFASRVC.SERVICE_NOT_SUPPORTED

MFASRVC.PLUGIN_REGISTRY_NOT_REGISTERED

MFASRVC.BLACKLISTED_IPADDRESS_CONFIG_NOT_FOUND

Config not found

MFASRVC.BLACKLISTED_LOCATION_CONFIG_NOT_FOUND

Config not found

MFASRVC.IMPOSSIBLE_TRAVEL_CONFIG_NOT_FOUND

Config not found

MFASRVC.BREACHED_PASSWORD_CONFIG_NOT_FOUND

Config not found

MFASRVC.COUNTRY_CODE_MISMATCH_CONFIG_NOT_FOUND

Config not found

MFASRVC.SHORT_LIVED_DOMAIN_CONFIG_NOT_FOUND

Config not found

MFASRVC.USER_BEHAVIOUR_CONFIG_NOT_FOUND

Config not found

MFASRVC.MULTIPLE_DEVICE_TRUST_FOUND

Multiple config found

MFASRVC.COMMON_CREDENTIAL_DOWNLOAD_FAILED

WKFLSRVC.UNKNOWN

Please contact system Administrator

WKFLSRVC.WORKFLOW_NOT_FOUND

No workflow available

WKFLSRVC.INVALID_ARGUMENTS

Please check input and try again.

WKFLSRVC.INVALID_LEVEL

Workflow Config issue

WKFLSRVC.EXCEEDED_REPORTING_MANAGER

Can not more than reporting manager

WKFLSRVC.WORKFLOW_SETUP_NOT_FOUND

No workflow config available

WKFLSRVC.REQUESTOR_NOT_FOUND

Requestor not found in the system.

WKFLSRVC.WORKFLOW_IN_PROGESS

Request is pending for approval.

WKFLSRVC.REPORTING_MANAGER_NOT_FOUND

Please assign approver's manager to complete workflow.

WKFLSRVC.LEVEL_NOT_IN_RANGE

Workflow level is not in range.

WKFLSRVC.WORKFLOW_SETUP_ALREADY_EXISTS

Workflow setup already exists.

WKFLSRVC.COMMON_REQ_ASSG_ID

Self-approval is not allowed Please contact the administrator for the reassignment.

WKFLSRVC.SAME_REQUESTOR_ASSIGNEE

Workflow cannot be assigned to same user.

WKFLSRVC.WORKFLOW_ALREADY_EXISTS

Workflow with same name already exists.

WKFLSRVC.DAYS_THRESHOLD_EXCEED_EXCEPTION

Max allowed TAT is {maxAllowedDays} days

WKFLSRVC.DELEGATE_COMMON_REQ_ASSG_ID

Approver and assignee can't be same.

WKFLSRVC.APPLICATION_DECOMMISSIONED

This application is decommissioned so the request can not be approved/rejected please refresh the page.

SSOCONFIGSRVC.UNKNOWN

Error. Please try again.

SSOCONFIGSRVC.SSO_CONFIG_NOT_FOUND

SSO config not found.

SSOCONFIGSRVC.SAML_CONFIG_NOT_FOUND

Saml config not found.

SSOCONFIGSRVC.OPENID_CLIENT_NOT_FOUND

OpenID config not found.

SSOCONFIGSRVC.DUPLICATE_OPENID_CLIENT_ID

Duplicate OpenID Client ID.

SSOCONFIGSRVC.API_CONFIG_NOT_FOUND

API config not found.

SSOCONFIGSRVC.INVALID_ARGUMENTS

Invalid Arguments.

SSOCONFIGSRVC.INVALID_CIDR

Not all CIDR are valid

SSOCONFIGSRVC.UNSUPPORTED_FILE_TYPE

Unsupported File Type

SSOCONFIGSRVC.ERROR_GENERATING_KEYS

Failed to generate keys.

SSOCONFIGSRVC.CERTIFICATE_PARSING_ERROR

Failed to read certificate. Please try again.

SSOCONFIGSRVC.ERROR_DEACTIVATING_KEYS

Failed to deactivate key. Please try again.

SSOCONFIGSRVC.KEY_GENERATION_FAILED

Failed to generate keys.

SSOCONFIGSRVC.METADATA_GENERATION_FAILED

Could not generate Metadata.

SSOCONFIGSRVC.ALRAEDY_EXISTS

Configuration for same Entity ID already exists.

SSOCONFIGSRVC.KEYS_CANNOT_BE_DISABLED

Key is being used in IDP or SP

SSOCONFIGSRVC.KEY_DOES_NOT_EXISTS

No related key found

SSOCONFIGSRVC.IDENTITY_PROVIDER_IS_DISABLED

Identity Provider is disabled

SSOCONFIGSRVC.DUPLICATE_POLICY_MAPPING

Policy mapping already exists

SSOCONFIGSRVC.USER_DOES_NOT_HAVE_ACCESS

User does not have access

SSOCONFIGSRVC.KEYS_IS_DISABLED

Keys Disabled

SSOCONFIGSRVC.IDENTITY_PROVIDER_DOES_NOT_EXISTS

Identity Provider does not exist

SSOCONFIGSRVC.IDENTITY_PROVIDER_KEY_IS_DISABLED

Identity Provider key disabled

SSOCONFIGSRVC.SERVICE_PROVIDER_IS_DISABLED

Service Provider disabled

SSOCONFIGSRVC.IDENTITY_PROVIDER_ALREADY_ENABLED

Identity Provider already enabled

SSOCONFIGSRVC.IDENTITY_PROVIDER_CANNOT_BE_DISABLED

Identity Provider can not be disabled

SSOCONFIGSRVC.KEYS_ALREADY_EXISTS

Keys already exists

SSOCONFIGSRVC.KEY_MINIMUM_EXPIRATION

Key Minimum expiration

SSOCONFIGSRVC.SERVICE_PROVIDER_ENABLED

Service provider enabled

SSOCONFIGSRVC.SERVICE_PROVIDER_DISABLED

Service provider disabled

SSOCONFIGSRVC.KEY_IS_BEING_USED

Key already used

SSOCONFIGSRVC.SERVICE_PROVIDER_CANNOT_BE_UPDATED

Service provider can not be updated

SSOCONFIGSRVC.SERVICE_PROVIDER_IS_BEING_USED

Service provider is being used

SSOCONFIGSRVC.INVALID_SAML_CONFIG

invalid saml configuration

SSOCONFIGSRVC.NOT_FOUND

SSO cofiguration not found

SSOCONFIGSRVC.CONNECTION_FAILED

SSO configuration connection failed

SSOCONFIGSRVC.FORBIDDEN

SSO configuration forbidden

SSOCONFIGSRVC.UNAUTHORIZED

SSO configuration unauthorized

SSOCONFIGSRVC.CERTIFICATE_EXPIRED

SSO configuration certificate is expired

SSOCONFIGSRVC.SAML_APP_CONFIG_NOT_FOUND

SSO configuration saml application configuration not found

SSOCONFIGSRVC.SAML_ATTR_CONFIG_NOT_FOUND

SSO configuration saml attribute configuration not found

SSOCONFIGSRVC.OPENID_SCOPE_NOT_FOUND

SSO configuration openid scope not found

SSOCONFIGSRVC.OPENID_CLAIM_NOT_FOUND

SSO configuration openid claim not found

SSOCONFIGSRVC.APPLICATION_NOT_FOUND

SSO configuration application not found

SSOCONFIGSRVC.DUPLICATE_POLICYATTRIBUTE

SSO configuration policy attribute is duplicate

SSOCONFIGSRVC.INVALID_POLICYATTRIBUTE_ID

SSO configuration policy attribute is invalid

SSOCONFIGSRVC.INAVLID_POLICYATTRIBUTE_APPLICATION

SSO configuration policy attribute application is invalid

SSOCONFIGSRVC.MANDATORY_ENTRY

SSO configuration policy field is mandatory

SSOCONFIGSRVC.INVALID_POLICY_MAP

SSO configuration policy map is invalid

SSOCONFIGSRVC.NO_MAPPING_FOUND

SSO configuration mapping is not found

SSOCONFIGSRVC.IDENTITY_PROVIDER_DOES_EXISTS

SSO configuration identity provider does not exist

SSOCONFIGSRVC.MULTIPLE_IDENTITY_PROVIDER_EXISTS

SSO configuration multiple identity provider exists

SSOCONFIGSRVC.SERVICE_PROVIDER_EXISTS

SSO configuration service provider already exists

SSOCONFIGSRVC.SERVICE_PROVIDER_DOES_NOT_EXISTS

Service provider does not exist

SSOCONFIGSRVC.DOMAIN_EXISTS

Domain doesn't exists

SAMLSRVC.KEY_DOES_NOT_EXISTS

Key doesn't exists

SAMLSRVC.INVALID_COOKIE

Invalid session. Re-login and try again

SAMLSRVC.IDENTITY_PROVIDER_IS_DISABLED

Identity Provider is disabled

SAMLSRVC.EXPIRED_TOKEN

Session Expired. Please re-login and try again

SAMLSRVC.KEYS_IS_DISABLED

Key is disabled

SAMLSRVC.KEYS_IS_EXPIRED

Key is expired

SAMLSRVC.KEYS_NOT_GENERATED

Public and private key is not generated

SAMLSRVC.SAML_TYPE_NOT_APPLICABLE

SAML type configured and SAML type received mismatched

SAMLSRVC.NAMEID_MISMATCH

SAML nameId configured and nameId received mismatched

SAMLSRVC.INVALID_SAML2_AUTHN_REQUEST_SIGNATURE

SAML authentication request signature is invalid

SAMLSRVC.ISSUE_INSTANT_MISMATCH

SAML authentication response is invalid with issue instant

SAMLSRVC.MESSAGE_REPLAY

SAML message is being sent again

SAMLSRVC.DESITNATION_MISMATCH

SAML destination configured and received mismatched

SAMLSRVC.VERSION_MISMATCH

SAML version does not match

SAMLSRVC.PROTOCOL_BINDING_MISMATCH

SAML protocol binding does not match

SAMLSRVC.REQUEST_ISSUER_URI_MISMATCH

SAML request issuer uri does not match

SAMLSRVC.ASSERTION_CONSUMER_SERVICE_URI_MISMATCH

SAML request assertion consumer service uri does not match

SAMLSRVC.INVALID_USER_SESSION

SAML user session is invalid

SAMLSRVC.USER_DOES_NOT_HAVE_ACCESS

User does not have access

SAMLSRVC.IDENTITY_PROVIDER_DOES_NOT_EXISTS

Identity Provider does not exist

SAMLSRVC.IDENTITY_PROVIDER_KEY_IS_DISABLED

Identity Provider key is disabled

SAMLSRVC.SERVICE_PROVIDER_IS_DISABLED

Service Provider is disabled

UTILSRVC.UNKNOWN

Error. Please try again.

UTILSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

UTILSRVC.CONFIGURATION_EXIST

Hook already present.

UTILSRVC.ALREADY_EXISTS

Hook already present.

UTILSRVC.META_ATTRIBUTE_EXISTS

Name/Key or Value already exist.

UTILSRVC.MODULES_ENQUIRY_EXIST

Sales team is working on your request. We will get back to you soon.

UTILSRVC.LABEL_ALREADY_EXIST

Label Already Exists

UTILSRVC.EVENT_ALREADY_EXIST

Event Already Exists

UTILSRVC.BEHALF_CONFIG_NOT_FOUND

On Behalf configuration is not found.

UTILSRVC.MULTIPLE_BEHALF_CONFIG_FOUND

Multiple Behalf configurations found.

UTILSRVC.LENGTH_EXCEED_EXCEPTION

Length exceeded

UTILSRVC.SCRIPT_CUSTOM_ERROR-MOBILEALREADYEXIST

Mobile number already in use Try again with another number.

UTILSRVC.SCRIPT_CUSTOM_ERROR-EMAILALREADYEXIST

Email already in use Try again with another email.

USRSRVC.FORM_NOT_FOUND

Form not found

UTILSRVC.WEBHOOK_CALL_FAILED

Webhook test failed.

UTILSRVC.BATCH_TASK_EXECUTION_FAILED

Batch process execution failed.

UTILSRVC.BATCH_TASK_ALREADY_EXIST

Batch task already exists.

PROVSRVC.UNKNOWN

Error. Please try again later or contact Cymmetri Administrator.

PROVSRVC.USER_NOT_FOUND

User not found.

PROVSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

PROVSRVC.APPLICATION_NOT_FOUND

Application not found. Please try again.

PROVSRVC.INVALID_USER_ACTION

User action not allowed. Please check configuration.

PROVSRVC.INVALID_GROUP_ACTION

Group action not allowed. Please check configuration.

PROVSRVC.INVALID_ROLE_ACTION

Role action not allowed. Please check configuration.

PROVSRVC.INAVLID_ACTION

Error. Please try again.

PROVSRVC.UID_NOT_FOUND

Record not found. Please try again.

PROVSRVC.Empty_Role_Id

Role not provided. Please try again.

PROVSRVC.Duplicate_GroupID

Duplicate Group association.

PROVSRVC.Invalid_GroupId

Invalid Group association.

PROVSRVC.CONNECTOR_NOT_FOUND

Connector not available. Please contact Cymmetri administrator.

PROVSRVC.UNSUPPORTED_OPERATION

Operation not supported.

PROVSRVC.APPLICATION_ALREADY_EXISTS

Application already exists.

PROVSRVC.INVALID_POLICYATTRIBUTE_ID

Invalid Policy configuration. Please try again.

PROVSRVC.DUPLICATE_POLICYATTRIBUTE

Duplicate Policy attribute selected.

PROVSRVC.INVALID_POLICY_MAP

Invalid Policy map.

PROVSRVC.INVALID_MASTER_AAPPLICATION_Id

Invalid master application reference.

PROVSRVC.NO_MAPPING_FOUND

Policy map not found.

PROVSRVC.DUPLICATE_POLICY_MAPPING

Duplicate Policy mapping.

PROVSRVC.INAVLID_POLICYATTRIBUTE_APPLICATION

Invalid Policy association. Please try again.

PROVSRVC.PROVISIONING_NOT_ENABLE

Provisioning not enable

PROVSRVC.DUPLICATE_ROLE

Role ID in use. Please try again.

PROVSRVC.DUPPLICATE_NAME

Name already in use.

PROVSRVC.IDENTITY_ALREADY_EXISTS_EXCEPTION

User principle is already checked Please reset and try again.

PROVSRVC.IDENTITY_NOT_CHECKED_EXCEPTION

At least one user principle should be checked.

RULESRVC.UNKNOWN

Error. Please try again.

RULESRVC.RULE_NOT_FOUND

Rule not found.

RULESRVC.RULE_CONDITION_NOT_FOUND

Rule condition not found.

RULESRVC.RULE_ACTION_GROUP_NOT_FOUND

No group associated with rule. Please try again.

RULESRVC.NON_REMOVABLE_REFERENCED_ENTITY

Cannot be modified as entity in use.

RULESRVC.ALRAEDY_EXISTS

Rule with same name already exists.

RULESRVC.RULE_CONFIGURE_ALREADY_EXIST

Rule with same condition configuration already exists.

RULESRVC.MULTIPLE_ZONES_FOUND

Multiple zones found.

RULESRVC.ZONE_NOT_FOUND

Zone not found.

RULESRVC.INVALID_ARGUMENTS

Please correct the input and try again.

RULESRVC.DEFAULT_RULE_NOT_FOUND

Default rule not found.

IGSRVC.UNKNOWN

Error. Please try again.

IGSRVC.INVALID_JWT

Error. Invalid JWT token.

IGSRVC.CAMPAIGN_COMPLETION_PERIOD_EXCEED

Error. Campaign Completion Period Exceeded.

IGSRVC.CAMPAIGN_STAGE_NOT_FOUND

Error. Campaign Stage Not Found.

IGSRVC.CAMPAIGN_SCOPE_NOT_FOUND

Error. Campaign Scope Not Found.

IGSRVC.CAMPAIGN_ALREADY_IN_DRAFT_STATE

Error. Campaign Already In Draft State.

IGSRVC.CAMPAIGN_ALREADY_IN_PUBLISHED_STATE

Error. Campaign Already In Published State.

IGSRVC.CAMPAIGN_EXECUTION_IN_PROGRESS

Error. Campaign Execution in Progress.

IGSRVC.CAMPAIGN_ASSIGNMENT_NOT_FOUND

Error. Campaign Assignment Not Found.

IGSRVC.CAMPAIGN_HISTORY_NOT_FOUND

Error. Campaign History Not Found.

IGSRVC.UNABLE_TO_PROCESS_RESPONSE

Error. Unable To Process Response.

IGSRVC.CAMPAIGN_ASSIGNMENT_APPLICATION_NOT_FOUND

Error. Campaign Assignment Application Not Found.

IGSRVC.CAMPAIGN_ASSIGNMENT_APPLICATION_ROLE_NOT_FOUND

Error. Campaign Assignment Application Role Not Found.

IGSRVC.APP_ROLE_ALREADY_PROCEED

Error. App Role Already Proceeded.

IGSRVC.INACTIVE_USER_FOUND

Error. Inactive User Found.

IGSRVC.NO_ACTIVE_EXECUTION_FOUND

Error. No Active Execution Found.

IGSRVC.INVALID_CRON_EXPRESSION

Error. Invalid Cron Expression.

IGSRVC.DUPLICATE_CAMPAIGNNAME

Error. Duplicate Campaign Name.

IGSRVC.CAMPAIGN_NOT_FOUND

Campaign not found.

IGSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

IGSRVC.CAMPAIGN_STATE_STARTED

Error. Campaign State Already Started.

IGSRVC.STAGE_LIMIT_EXCEED

Error. Stage Limit Exceeded.

IGSRVC.DUPLICATE_STAGE

Error. Duplicate Stage.

IGSRVC.ASSIGNMENT_ALREADY_PROCEED

Error. Assignment Already Proceeded.

IGSRVC.INVALID_CAMPAIGN_ITERATION

Invalid Campaign Iteration.

IGSRVC.INVALID_CAMPAIGN_MANAGER_ASSIGNEE

Campaign manager or assignee configured in stages are not valid.

IGSRVC.INVALID_CAMPAIGN_STATUS

Campaign execution in progress operation not allowed.

IGSRVC.USER_WITH_NO_VALID_APPLICATION

No valid assignments found aborted execution.

IGSRVC.CONNECTION_FAILED

Please check your internet connection.

IGSRVC.ALRAEDY_EXISTS

Record already exists.

IGSRVC.FORBIDDEN

Please contact system administrator.

IGSRVC.UNAUTHORIZED

Please contact system administrator.

IGPROCESS.UNKNOWN

Error. Please try again.

IGPROCESS.INVALID_ARGUMENTS

Error. Please correct input and try again.

IGPROCESS.CAMPAIGN_NOT_FOUND

Error. Campaign Not Found.

IGPROCESS.NO_ACTIVE_EXECUTION_FOUND

Error. No Active Execution Found.

IGPROCESS.CAMPAIGN_HISTORY_NOT_FOUND

Error. Campaign History Not Found.

IGPROCESS.INVALID_CAMPAIGN_ITERATION

Error. Invalid Campaign Iteration.

IGPROCESS.CAMPAIGN_EXECUTION_IN_PROGRESS

Error. Campaign Execution In Progress.

IGPROCESS.MATCHING_ASSIGNMENTS_NOT_FOUND

Error. Matching Assignments Not Found.

SCHEDULER.UNKNOWN

Error. Please try again.

SCHEDULER.TASK_NOT_FOUND

Error. Task Not Found.

SCHEDULER.TASK_NOT_ACTIVE

Error. Task Not Active.

SCHEDULER.INVALID_ARGUMENTS

Error. Please correct input and try again.

SCHEDULER.INVALID_START_DATE

Error. Invalid Start Date.

SCHEDULER.TENANT_NOT_FOUND

Error. Tenant Not Found.

SCHEDULER.UPDATE_NOT_SUPPORTED

Error. Update Is Not Supported.

SCHEDULER.CRON_REPETITION_BELOW_ALLOWED_LIMIT

Error. Cron Repetition Is Below Allowed Limit.

SCHEDULER.INVALID_CRON_EXPRESSION

Invalid Cron Expression.

SODSRVC.ALREADY_EXISTS

Error. Value Already Exists.

SODSRVC.INVALID_ARGUMENTS

Error. Please correct the input and try again.

SAMLEXTIDPCONFIGSRVC.UNKNOWN

Error. Please try again.

SAMLEXTIDPCONFIGSRVC.IDENTITY_PROVIDER_WITH_NAME_EXISTS

Idenity Provider with same name already exist. Please enter unique name.

SAMLEXTIDPCONFIGSRVC.SERVICE_PROVIDER_WITH_NAME_EXISTS

Service Provider with same name already exists.

SAMLEXTIDPCONFIGSRVC.NON_REMOVABLE_REFERENCED_ENTITY

Cannot modify or remove service provider till active under external identity policy or rule.

SAMLEXTIDPCONFIGSRVC.INVALID_ARGUMENTS

Please correct the input and try again.

SAMLEXTIDPCONFIGSRVC.CERTIFICATE_PARSING_ERROR

Error occurred while parsing certificate.

SAMLEXTIDPCONFIGSRVC.AUTH_TYPE_CANNOT_BE_UPDATED

Identity provider type cannot be updated.

SAMLEXTIDPCONFIGSRVC.CONNECTION_FAILED

Please check your internet connection.

SAMLEXTIDPCONFIGSRVC.IDP_CONFIGURATION_NOT_FOUND

Identity provider configuration not found.

SAMLEXTIDPCONFIGSRVC.MULTIPLE_IDP_CONFIGURATION_FOUND

Multiple identity provider configuration found.

SAMLEXTIDPCONFIGSRVC.NAME_ID_POLICY_NAME_ID_VALUE_MISMATCH

NameIdPolicy and NameIdValue does not match.

SAMLEXTIDPCONFIGSRVC.SP_CONFIGURATION_NOT_FOUND

Service provider configuration not found.

SAMLEXTIDPCONFIGSRVC.UNAUTHORIZED

Please contact system administrator.

SAMLEXTIDPCONFIGSRVC.SERVICE_PROVIDER_NOT_FOUND

Service provider not found.

SAMLEXTIDPCONFIGSRVC.CERTIFICATE_NOT_FOUND

Certificate not found.

SAMLEXTIDPCONFIGSRVC.EAMIL_EXISTS

Email already exists.

SAMLEXTIDPCONFIGSRVC.CUSTOM_IDENTITY_TYPE_MUST_HAVE_ID

Custom identity type must have ID.

SAMLEXTIDPCONFIGSRVC.INACTIVE_CONFIGURATION_FOUND

Inactive configuration found.

SAMLEXTIDPCONFIGSRVC.INVALID_IDP_CONFIGURED

Invalid IDP configured.

SAMLEXTIDPCONFIGSRVC.NO_MAPPING_FOUND

No mapping found.

SAMLEXTIDPCONFIGSRVC.INVALID_POLICY_MAPPING

Invalid policy mapping.

SAMLEXTIDPCONFIGSRVC.POLICY_MAP_REQUIRED_FIELD_NOT_FOUND

Policy map required field not found.

SAMLEXTIDPCONFIGSRVC.MANDATORY_FIELD_EXCEPTION

Mandatory field exception.

SAMLEXTIDPCONFIGSRVC.MAPPING_ALREADY_EXISTS

Mapping already exists.

SAMLEXTIDPCONFIGSRVC.JIT_CONFIGURATION_NOT_FOUND

JIT configuration not found.

USRSRVC.INVALID_EXTENSION_ENDDATE

Extended end date should be less than current access end date.

MFASRVC.SMS_OTP_EXPIRED

SMS OTP expired.

MFASRVC.SHORT_ANSWER_LENGTH

Answer length is short.

MFASRVC.DEVICE_INFO_NOT_FOUND

Please scan the QR code.

AUTHSRVC.USER_LOCKED

User locked. Please Unlock your Account.

AUTHSRVC.EMAIL_NOT_FOUND

Email not found.

AUTHSRVC.INVALID_USER_ACCOUNT_STATE

Your account is expired/inactive. Please contact Cymmetri Administrator

AUTHSRVC.INVALID_DATE

Start/End date should be greater than current date and time.

AUTHSRVC.DELEGATE_CONSENT_NOT_FOUND

Error. Delegate consent not found.

AUTHSRVC.DELEGATE_USER_NOT_FOUND

Error. User doesn't have delegation access.

AUTHSRVC.NO_OPTION_AVAILABLE

Please contact Cymmetri Administrator for Password Reset.

AUTHSRVC.DELEGATION_DEACTIVATE

Error. Delegation is inactive.

AUTHSRVC.PASSWORD_EXPIRED

Your password has expired Please reset your password.

PROVSRVC.UNSUPPORTED_DELEGETE_MFA_SETUP

Delegatee can't setup MFA for application having additional authentication

PAMSRVC.UNSUPPORTED_DELEGETE_MFA_SETUP

Delegatee can't setup MFA for application having additional authentication

SLFSRVC.EXISITNG_APP_IN_TAG_FOUND

Application already available in tag.

AD-ADAPTER.FAILED_TO_PWD_CHANGE

Password change failed.

AUTHSRVC.INVALID_CONFIG

Invalid config for authentication policy or rule

PROVSRVC.UNAUTHORIZED

Unauthorized access.

REGSRVC.UNAUTHORIZED

Unauthorized access.

MFASRVC.INVALID_MFA_OTP_CONFIG

Invalid Otp config please contact admin

MFASRVC.EMAIL_NOT_FOUND

Email not registered please contact admin

MFASRVC.MOBILE_NOT_FOUND

Mobile not registered please contact admin

MFASRVC.EMAIL_MOBILE_NOT_FOUND

Mobile or email not registered please contact admin

MFASRVC.LARGE_ANSWER_LENGTH

Maximum answer lenght exceeded try with shorter length answer

SLFSRVC.EXISITNG_USER_TAG_FOUND

Tag with same name already exists

SLFSRVC.IMAGE_MAXSIZE_EXCEEDED

Maximum limit for file size exceeded.

SLFSRVC.IMAGE_TYPE_NOTALLOWED

Image Type not allowed

SLFSRVC.INVALID_ARGUMENTS

Invalid Arguments

REPORT.EMAIL_NOT_EXISTS_EXCEPTION

User Email Not Found. Please contact cymmetri administrator.

REPORT.CONNECTION_FAILED

Failed to send report.

SOME_ERROR_OCCURRED_WORKING_ON_IT

Please contact cymmetri administrator.

INVALID_IDENTITY_PROVIDER_STATUS

Invalid Identity Provider Status. Please contact cymmetri administrator.

INVALID_ARGUMENTS

Please correct Input and try again. Please contact cymmetri administrator.

INVALID_SERVICE_PROVIDER_STATUS

Invalid Service Provider Status. Please contact cymmetri administrator.

MANDATORY_FIELD_EXCEPTION

Mandatory Field is Missing. Please contact cymmetri administrator.

TENANT_OR_HOST_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

TENANT_OR_HOST_PROTO_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SOME_IMPERSONATE_ACCESS

Unauthorized Access. Please contact cymmetri administrator.

SERVICE_PROVIDER_INBOUND_MESSAGE_ERROR

Invalid SAML Message Received. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_VERSION

Invalid SAML Response Assertion version. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ISSUE_INSTANT

Invalid SAML Response Issue. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_STATUS

Invalid SAML Response Status. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_STATUS_REQUESTER_URI

Invalid SAML Response Status Requester URI. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_STATUS_RESPONDER_URI

Invalid SAML Response Status Response URI. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_STATUS_VERSION_MISMATCH_URL

Invalid SAML Response Status Version Mismatch URI. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE

Invalid SAML Response. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_DESTINATION

Invalid SAML Response Destination. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_VERSION_OR_ASSERTION_VERSION

Invalid SAML Response Version or Assertion Version. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_SUBJECT

Invalid SAML Response Assertion Subject. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_SUBJECT_NAMEID

Invalid SAML Response Assertion Subject NameId. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_ISSUER

Invalid SAML Response Assertion Issuer. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_CONDITION_AUDIENCE

Invalid SAML Response Assertion Condition Audience. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_AUTHNSTATEMENT

Invalid SAML Response Assertion AuthNStatement. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_ATTRIBUTE

Invalid SAML Response Assertion Attribute. Please contact cymmetri administrator.

MULTIPLE_ASSERTIONS_IN_RESPONSE_NOT_SUPPORTED

Multiple Assertion in Response Not Supported. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_SIGNATURE

Invalid SAML Response Assertion Signature. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_SIGNATURE

Invalid SAML Response Signature. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_CONDITION

Invalid SAML Response Assertion Condition. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION

Invalid SAML Response Assertion. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ISSUER

Invalid SAML Response Issuer. Please contact cymmetri administrator.

IDP_CONFIGURATION_NOT_FOUND

Idp Configuration Not Found. Please contact cymmetri administrator.

SP_ID_IDP_ID_LOGIN_EMPTY

Service provider or identity provider login not provided. Please contact cymmetri administrator.

SERVICE_PROVIDER_CONFIGURATION_NOT_FOUND

Service Provider Configuration Not Found. Please contact cymmetri administrator.

ERROR_BUILDING_SAML_AUTHN_REQUEST

Failed To Build SAML Authentication Request. Please contact cymmetri administrator.

ERROR_PERSISTING_SAML_AUTHN_REQUEST

Failed To Persist SAML Authentication Request. Please contact cymmetri administrator.

ERROR_SENDING_SAML_AUTHN_REQUEST

Failed to Send SAML Authentication Request. Please contact cymmetri administrator.

USER_EMAIL_ADDRESS_NOT_PRESENT

User Email Not Found. Please contact cymmetri administrator.

USER_LOGIN_NOT_PRESENT

User Login Not Found. Please contact cymmetri administrator.

EMAIL_ADDRESS_DOES_NOT_MATCH

Email Address does not matching. Please contact cymmetri administrator.

LOGIN_DOES_NOT_MATCH

USER_NOT_AVAILABLE

User is not present. Please contact cymmetri administrator.

SERVICE_PROVIDER_NOT_FOUND

Service provider is not found. Please contact cymmetri administrator.

UNAUTHORIZED_ACCESS

Unauthorized Access. Please contact cymmetri administrator.

UNAUTHORIZED

Unauthorized Access. Please contact cymmetri administrator.

USER_NOT_FOUND

User Not found. Please contact cymmetri administrator.

DATA_NOT_PRESENT

Application configuration does not exist. Please contact cymmetri administrator.

ARGUMENT_IS_REQUIRED

Please correct Input and try again. Please contact cymmetri administrator.

APPLICATION_CONFIG_EXISTS

Application Configuration already exists. Please contact cymmetri administrator.

APPLICATION_CONFIG_NOT_PRESENT

Application configuration does not exists. Please contact cymmetri administrator.

INVALID_TOKEN

Invalid token Please contact cymmetri administrator.

TENANT_NOT_FOUND

Tenant detail not availaible. Please contact cymmetri administrator.

INVALID_APPLICATION_ID

Invalid application id. Please contact cymmetri administrator.

APPLICATION_WITH_ISSUER_NOT_FOUND

Application configuration with issuer not found. Please contact cymmetri administrator.

EXCEPTION_OCCURED_WITH_TENANT_JKS

Please contact cymmetri administrator.

EXCEPTION_OCCURED_WITH_TENANT_JKS_KEY_GENERATE

Please contact cymmetri administrator.

APPLICATION_NOT_ASSIGNED_TO_USER

Application is not assigned to the user. Please contact cymmetri administrator.

USER_NOT_ASSIGNED_SERVICE_PROVIDER_ERROR

User is not assigned to the service provider. Please contact cymmetri administrator.

SOMETHING_WENT_WRONG

Please contact cymmetri administrator.

SERVICE_PROVIDER_NAMEIDVALUE_MISMATCH_ERROR

Service provider nameId value does not match with configured application. Please contact cymmetri administrator.

SERVICE_PROVIDER_NAMEID_MISMATCH_ERROR

Service provider nameId value does not match with configured application. Please contact cymmetri administrator.

TENANT_HOST_NOT_FOUND

Please contact cymmetri administrator.

APPLICATION_CONFIG_NOT_FOUND

Application Configuration not found. Please contact cymmetri administrator.

SAMLREQUEST_NOT_PRESENT_IN_REQUEST

SAML Request is not present in Request. Please contact cymmetri administrator.

CONFIGURED_REQUEST_ISSUER_AND_SAML_REQUEST_NOT_ISSUER_NOT_MATCH

Application issuer Configuration does not match. Please contact cymmetri administrator.

INVALID_REQUEST_ISSUER

Invalid Request Issuer. Please contact cymmetri administrator.

IDENTITY_TOKEN_SAML_REQUEST_NOT_FOUND

Invalid Identity SAML Request Token. Please contact cymmetri administrator.

IDENTITY_REFRESH_SAML_REQUEST_NOT_FOUND

Invalid Refresh SAML Request Token. Please contact cymmetri administrator.

USER_NOT_ASSIGNED_TO_APPLICATION

User is not associated with the application. Please contact cymmetri administrator.

SSO_ERROR_SENDING_SAML_RESPONSE

Error Sending SAML Response. Please contact cymmetri administrator.

SSO_CONFIG_NOT_FOUND_APPLICATION_ID

SSO configuration not found for application. Please contact cymmetri administrator.

SSO_USER_NOT_FOUND

SSO user found for application. Please contact cymmetri administrator.

INTERNAL_SERVER_ERROR

Please contact cymmetri administrator.

IDP_SSO_JKS_MANAGER_FAILED

Please contact cymmetri administrator.

IDP_SSO_CUSTOM_JKS_FAILED

Please contact cymmetri administrator.

IDP_SSO_FAILED

SSO failed for identity provider. Please contact cymmetri administrator.

SERVICE_PROVIDER_SESSION_NOT_FOUND

Service provider session not availaible. Please contact cymmetri administrator.

INVALID_SP_INITIATED_REQUEST

Invalid service provider request. Please contact cymmetri administrator.

ERROR_PARSING_SAML_SLO

Error validating saml slo request. Please contact cymmetri administrator.

SERVICE_PROVIDER_ERROR

Failed with service provider. Please contact cymmetri administrator.

EXPIRED_REFRESH_TOKEN

Refresh token is expired. Please contact cymmetri administrator.

INVALID_REFRESH_TOKEN

Invalid refresh token. Please contact cymmetri administrator.

EMPTY_REFRESH_TOKEN

Empty refresh token. Please contact cymmetri administrator.

REFRESH_TOKEN_COOKIE_NOT_PRESENT

Refresh token cookie not present. Please contact cymmetri administrator.

APPLICATION_ID_NOT_PRESENT_IN_CONFIG

Application id not present. Please contact cymmetri administrator.

APPLICATION_ID_NOT_PRESENT_IN_REQUEST

Application id is not present in request Please contact cymmetri administrator.

EXPIRED_SSO_IDENTITY_TOKEN

SSO identity token is expired. Please contact cymmetri administrator.

EMPTY_SSO_IDENTITY_TOKEN

SSO identity token is invalid. Please contact cymmetri administrator.

REQUEST_ISSUER_FROM_SAML_REQUEST_NOT_PRESNETTITY_TOKEN

Request issuer is not present in saml request. Please contact cymmetri administrator.

INVALID_SSO_IDENTITY_TOKEN

Invalid SSO identity token. Please contact cymmetri administrator.

IDP_SLO_FAILED

Identity provider single logout failed. Please contact cymmetri administrator.

BUILD_SLO_REQUEST_FAILED

Build to failed single logout request. Please contact cymmetri administrator.

SLO_REQUEST_SEND_FAILED

Failed to send single logout request. Please contact cymmetri administrator.

SLO_RESPONSE_SEND_FAILED

Failed to send single logout response. Please contact cymmetri administrator.

ERROR_PERSISTING_SLO_REQUEST

Failed to persist single logout request. Please contact cymmetri administrator.

SLO_RESPONSE_SAML_ATTRIBUTE_VALIDATION_FAILED

Failed to validate single logout response attribute. Please contact cymmetri administrator.

INVALID_SAML_SLO_RESPONSE

Invalid saml single logout response. Please contact cymmetri administrator.

INVALID_SAML_SLO_MESSAGE

Invalid saml single logout message. Please contact cymmetri administrator.

SLO_REQUEST_VALIDATION_FAILED

Failed to validate single logout request. Please contact cymmetri administrator.

SLO_RESPONSE_VALIDATION_FAILED

Failed to validate single logout response. Please contact cymmetri administrator.

REMOVE_USER_BEFORE_APPLICATION

Users should get removed before removing the application.

PROVSRVC.REMOVE_USER_BEFORE_APPLICATION

Users should get removed before removing the application.

PAMSRVC.INVALID_ARGUMENTS

AD Parameter not found

PAMSRVC.IMPORT_DATA_TO_CSV_FILE_FAILED

CSV file not generated

PAMSRVC.UPDATE_AD_USER_PASSWORD_FAILED

Password update fail

PAMSRVC.VAULT_USER_ALREADY_AVAILABLE

Vault user already exist

PAMSRVC.BREAK_GLASS_NOT_FOUND

Break Glass Configuration Not Found

PAMSRVC.SERVER_ALREADY_EXISTS

Device Already Exists

DORMANCY_DISABLE_DAYS_EXCEEDED

Config days exceeded

PAMSRVC.DORMANCY_DISABLE_DAYS_EXCEEDED

Config days exceeded

SAMLSPSRVC.SOME_ERROR_OCCURRED_WORKING_ON_IT

Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_IDENTITY_PROVIDER_STATUS

Invalid Identity Provider Status. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_ARGUMENTS

Please correct Input and try again. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SERVICE_PROVIDER_STATUS

Invalid Service Provider Status. Please contact cymmetri administrator.

SAMLSPSRVC.MANDATORY_FIELD_EXCEPTION

Mandatory Field is Missing. Please contact cymmetri administrator.

SAMLSPSRVC.TENANT_OR_HOST_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SAMLSPSRVC.TENANT_OR_HOST_PROTO_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SAMLSPSRVC.SOME_IMPERSONATE_ACCESS

Unauthorized Access. Please contact cymmetri administrator.

SAMLSPSRVC.SERVICE_PROVIDER_INBOUND_MESSAGE_ERROR

Invalid SAML Message Received. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_VERSION

Invalid SAML Response Assertion version. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ISSUE_INSTANT

Invalid SAML Response Issue. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_STATUS

Invalid SAML Response Status. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_STATUS_REQUESTER_URI

Invalid SAML Response Status Requester URI. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_STATUS_RESPONDER_URI

Invalid SAML Response Status Response URI. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_STATUS_VERSION_MISMATCH_URL

Invalid SAML Response Status Version Mismatch URI. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE

Invalid SAML Response. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_DESTINATION

Invalid SAML Response Destination. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_VERSION_OR_ASSERTION_VERSION

Invalid SAML Response Version or Assertion Version. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_SUBJECT

Invalid SAML Response Assertion Subject. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_SUBJECT_NAMEID

Invalid SAML Response Assertion Subject NameId. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_ISSUER

Invalid SAML Response Assertion Issuer. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_CONDITION_AUDIENCE

Invalid SAML Response Assertion Condition Audience. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_AUTHNSTATEMENT

Invalid SAML Response Assertion AuthNStatement. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_ATTRIBUTE

Invalid SAML Response Assertion Attribute. Please contact cymmetri administrator.

SAMLSPSRVC.MULTIPLE_ASSERTIONS_IN_RESPONSE_NOT_SUPPORTED

Multiple Assertion in Response Not Supported. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_SIGNATURE

Invalid SAML Response Assertion Signature. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_SIGNATURE

Invalid SAML Response Signature. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_CONDITION

Invalid SAML Response Assertion Condition. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION

Invalid SAML Response Assertion. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ISSUER

Invalid SAML Response Issuer. Please contact cymmetri administrator.

SAMLSPSRVC.IDP_CONFIGURATION_NOT_FOUND

Idp Configuration Not Found. Please contact cymmetri administrator.

SAMLSPSRVC.SP_ID_IDP_ID_LOGIN_EMPTY

Service provider or identity provider login not provided. Please contact cymmetri administrator.

SAMLSPSRVC.SERVICE_PROVIDER_CONFIGURATION_NOT_FOUND

Service Provider Configuration Not Found. Please contact cymmetri administrator.

SAMLSPSRVC.ERROR_BUILDING_SAML_AUTHN_REQUEST

Failed To Build SAML Authentication Request. Please contact cymmetri administrator.

SAMLSPSRVC.ERROR_PERSISTING_SAML_AUTHN_REQUEST

Failed To Persist SAML Authentication Request. Please contact cymmetri administrator.

SAMLSPSRVC.ERROR_SENDING_SAML_AUTHN_REQUEST

Failed to Send SAML Authentication Request. Please contact cymmetri administrator.

SAMLSPSRVC.USER_EMAIL_ADDRESS_NOT_PRESENT

User Email Not Found. Please contact cymmetri administrator.

SAMLSPSRVC.USER_LOGIN_NOT_PRESENT

User Login Not Found. Please contact cymmetri administrator.

SAMLSPSRVC.EMAIL_ADDRESS_DOES_NOT_MATCH

Email Address does not matching. Please contact cymmetri administrator.

SAMLSPSRVC.LOGIN_DOES_NOT_MATCH

SAMLSPSRVC.USER_NOT_AVAILABLE

User is not present. Please contact cymmetri administrator.

SAMLSPSRVC.SERVICE_PROVIDER_NOT_FOUND

Service provider is not found. Please contact cymmetri administrator.

SAMLSPSRVC.UNAUTHORIZED_ACCESS

Unauthorized Access. Please contact cymmetri administrator.

SAMLSPSRVC.UNAUTHORIZED

Unauthorized Access. Please contact cymmetri administrator.

SAMLSPSRVC.USER_NOT_FOUND

User Not found. Please contact cymmetri administrator.

SAMLSRVC.SOME_ERROR_OCCURRED_WORKING_ON_IT

Please contact cymmetri administrator.

SAMLSRVC.DATA_NOT_PRESENT

Application configuration does not exist. Please contact cymmetri administrator.

SAMLSRVC.ARGUMENT_IS_REQUIRED

Please correct Input and try again. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_CONFIG_EXISTS

Application Configuration already exists. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_CONFIG_NOT_PRESENT

Application configuration does not exists. Please contact cymmetri administrator.

SAMLSRVC.INVALID_TOKEN

Invalid token Please contact cymmetri administrator.

SAMLSRVC.TENANT_NOT_FOUND

Tenant detail not availaible. Please contact cymmetri administrator.

SAMLSRVC.INVALID_APPLICATION_ID

Invalid application id. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_WITH_ISSUER_NOT_FOUND

Application configuration with issuer not found. Please contact cymmetri administrator.

SAMLSRVC.EXCEPTION_OCCURED_WITH_TENANT_JKS

Please contact cymmetri administrator.

SAMLSRVC.EXCEPTION_OCCURED_WITH_TENANT_JKS_KEY_GENERATE

Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_NOT_ASSIGNED_TO_USER

Application is not assigned to the user. Please contact cymmetri administrator.

SAMLSRVC.TENANT_OR_HOST_PROTO_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SAMLSRVC.USER_NOT_ASSIGNED_SERVICE_PROVIDER_ERROR

User is not assigned to the service provider. Please contact cymmetri administrator.

SAMLSRVC.SOMETHING_WENT_WRONG

Please contact cymmetri administrator.

SAMLSRVC.SERVICE_PROVIDER_NAMEIDVALUE_MISMATCH_ERROR

Service provider nameId value does not match with configured application. Please contact cymmetri administrator.

SAMLSRVC.SERVICE_PROVIDER_NAMEID_MISMATCH_ERROR

Service provider nameId value does not match with configured application. Please contact cymmetri administrator.

SAMLSRVC.TENANT_HOST_NOT_FOUND

Please contact cymmetri administrator.

SAMLSRVC.TENANT_OR_HOST_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_CONFIG_NOT_FOUND

Application Configuration not found. Please contact cymmetri administrator.

SAMLSRVC.SAMLREQUEST_NOT_PRESENT_IN_REQUEST

SAML Request is not present in Request. Please contact cymmetri administrator.

SAMLSRVC.CONFIGURED_REQUEST_ISSUER_AND_SAML_REQUEST_NOT_ISSUER_NOT_MATCH

Application issuer Configuration does not match. Please contact cymmetri administrator.

SAMLSRVC.INVALID_REQUEST_ISSUER

Invalid Request Issuer. Please contact cymmetri administrator.

SAMLSRVC.IDENTITY_TOKEN_SAML_REQUEST_NOT_FOUND

Invalid Identity SAML Request Token. Please contact cymmetri administrator.

SAMLSRVC.IDENTITY_REFRESH_SAML_REQUEST_NOT_FOUND

Invalid Refresh SAML Request Token. Please contact cymmetri administrator.

SAMLSRVC.USER_NOT_ASSIGNED_TO_APPLICATION

User is not associated with the application. Please contact cymmetri administrator.

SAMLSRVC.SSO_ERROR_SENDING_SAML_RESPONSE

Error Sending SAML Response. Please contact cymmetri administrator.

SAMLSRVC.SSO_CONFIG_NOT_FOUND_APPLICATION_ID

SSO configuration not found for application. Please contact cymmetri administrator.

SAMLSRVC.SSO_USER_NOT_FOUND

SSO user found for application. Please contact cymmetri administrator.

SAMLSRVC.INTERNAL_SERVER_ERROR

Please contact cymmetri administrator.

SAMLSRVC.IDP_SSO_JKS_MANAGER_FAILED

Please contact cymmetri administrator.

SAMLSRVC.IDP_SSO_CUSTOM_JKS_FAILED

Please contact cymmetri administrator.

SAMLSRVC.IDP_SSO_FAILED

SSO failed for identity provider. Please contact cymmetri administrator.

SAMLSRVC.SERVICE_PROVIDER_SESSION_NOT_FOUND

Service provider session not availaible. Please contact cymmetri administrator.

SAMLSRVC.INVALID_ARGUMENTS

Please correct input and try again. Please contact cymmetri administrator.

SAMLSRVC.INVALID_SP_INITIATED_REQUEST

Invalid service provider request. Please contact cymmetri administrator.

SAMLSRVC.ERROR_PARSING_SAML_SLO

Error validating saml slo request. Please contact cymmetri administrator.

SAMLSRVC.SERVICE_PROVIDER_ERROR

Failed with service provider. Please contact cymmetri administrator.

SAMLSRVC.EXPIRED_REFRESH_TOKEN

Refresh token is expired. Please contact cymmetri administrator.

SAMLSRVC.INVALID_REFRESH_TOKEN

Invalid refresh token. Please contact cymmetri administrator.

SAMLSRVC.EMPTY_REFRESH_TOKEN

Empty refresh token. Please contact cymmetri administrator.

SAMLSRVC.REFRESH_TOKEN_COOKIE_NOT_PRESENT

Refresh token cookie not present. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_ID_NOT_PRESENT_IN_CONFIG

Application id not present. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_ID_NOT_PRESENT_IN_REQUEST

Application id is not present in request Please contact cymmetri administrator.

SAMLSRVC.EXPIRED_SSO_IDENTITY_TOKEN

SSO identity token is expired. Please contact cymmetri administrator.

SAMLSRVC.EMPTY_SSO_IDENTITY_TOKEN

SSO identity token is invalid. Please contact cymmetri administrator.

SAMLSRVC.REQUEST_ISSUER_FROM_SAML_REQUEST_NOT_PRESNETTITY_TOKEN

Request issuer is not present in saml request. Please contact cymmetri administrator.

SAMLSRVC.INVALID_SSO_IDENTITY_TOKEN

Invalid SSO identity token. Please contact cymmetri administrator.

SAMLSRVC.IDP_SLO_FAILED

Identity provider single logout failed. Please contact cymmetri administrator.

SAMLSRVC.BUILD_SLO_REQUEST_FAILED

Build to failed single logout request. Please contact cymmetri administrator.

SAMLSRVC.SLO_REQUEST_SEND_FAILED

Failed to send single logout request. Please contact cymmetri administrator.

SAMLSRVC.SLO_RESPONSE_SEND_FAILED

Failed to send single logout response. Please contact cymmetri administrator.

SAMLSRVC.ERROR_PERSISTING_SLO_REQUEST

Failed to persist single logout request. Please contact cymmetri administrator.

SAMLSRVC.SLO_RESPONSE_SAML_ATTRIBUTE_VALIDATION_FAILED

Failed to validate single logout response attribute. Please contact cymmetri administrator.

SAMLSRVC.INVALID_SAML_SLO_RESPONSE

Invalid saml single logout response. Please contact cymmetri administrator.

SAMLSRVC.INVALID_SAML_SLO_MESSAGE

Invalid saml single logout message. Please contact cymmetri administrator.

SAMLSRVC.SLO_REQUEST_VALIDATION_FAILED

Failed to validate single logout request. Please contact cymmetri administrator.

SAMLSRVC.SLO_RESPONSE_VALIDATION_FAILED

Failed to validate single logout response. Please contact cymmetri administrator.

SAMLSRVC.UNAUTHORIZED

Unauthorized. Please contact cymmetri administrator.

INVALID_USER_SESSION

User login session is invalid

USER_NOT_CONFIGURED_FOR_EXTERNAL_LOGOUT

User is not configured for external identity provider logout

USER_DOES_NOT_HAVE_ANY_ACTIVE_SSO_SESSION

User does not have any active sso login session

ISSUE_INSTANT_EXCEPTION

Invalid user issue instant exception

NOT_ON_OR_AFTER_EXCEPTION

Saml attribute is not valid before and after timestamp

NAME_ID_FORMAT_EXCEPTION

Invalid user name id is not valid

SESSION_INDEX_EXCEPTION

User login session index is invalid

DESTINATION_EXCEPTION

Saml attribute destination is invalid

IDENTITY_PROVIDER_EXCEPTION

External identity provider is invalid

IN_RESPONSE_TO

Saml attribute in response attribute is invalid

ISSUER_EXCEPTION

Saml attribute issuer is invalid

DATALOGGER.ALREADY_ACTIVATED

Already activated

DATALOGGER.ALREADY_DEACTIVATED

Already deactivated

DATALOGGER.SYSLOG_CONFIG_TEST_FAILED

Syslog configuration test failed

DATALOGGER.SYSLOG_CONFIG_NOT_FOUND

Syslog configuration not found

PAM_CONFIG_DATA_NOT_FOUND

Pam Configuration data not found

PAM_INVALID_CONFIG

Invalid Pam Configuration found

PAMSRVC.INTERNAL_ERROR

Invalid password. Please try again

PAMSRVC.PAM_CONNECTION_FAIL

Connection Fail

PAMSRVC.CONNECTION_FAILED

Connection Fail

REPORT.INVALID_ARGUMENTS

Please correct the input and try again

PROVSRVC.PASSWORDFILTER_AND_APPLICATION_DOES_NOT_SAME

Filtered application and included/excluded cannot be the same

PROVSRVC.PASSWORDFILTER_ALREADY_CONFIGURED

Application is already configured for password filter

dagsrvc.INVALID_ARGUMENTS

Invalid argument.

dagsrvc.INVALID_ARGUMENTS

Invalid argument.

dagsrvc.SERVER_NAME_ALREADY_EXIST_EXCEPTION

Server name already exit.

dagsrvc.ROOT_LOCATION_NOT_FOUND

Server details not found.

DAGSRVC.DAG_SHARED_SERVER_ALREADY_EXISTS

Server Configuration already exist

DAGSRVC.DAG_SHARED_SERVER_NOT_FOUND

One or more shared servers not found

PROVSRVC.APPLICATION_ROLE_NOT_FOUND

Application Role not found

PORTAL.EXPIRY_DATA_NOT_FOUND

Expiry data not found

PORTAL.EXPIRED_LINK

Link has been expired

REGSRVC.ACCOUNT_NOT_ACTIVE

Tenant account inactive. Please contact support

USRSRVC.IMPORT_SCHEMA_NOT_FOUND

Import template not found

SLFSRVC.OPERATION_NOT_ACTIVE

Operation not configured

WKFLSRVC.WORKFLOW_PREFERENCE_CONFIG_NOT_FOUND

Workflow Preference Config not found

USRSRVC.GROUP_ALREADY_ASSIGN_TO_USER

Group Already Assigned to User.

USRSRVC.USER_INACTIVE_CONFIG_NOT_FOUND

Inactive User Config not found

UTILSRVC.TEAMS_CONFIG_ALREADY_EXIST

Teams Config already exist

UTILSRVC.TEAMS_CONFIG_NOT_FOUND

Teams Config Not Found

PAMSRVC.RULE_CONFIGURE_ALREADY_EXIST

Configuration already exists

PAMSRVC.EMPTY_CONDITION_EXCEPTION

Empty Condition exception

SLFSRVC.INVALID_MANAGER_EXCEPTION

Invalid Manager

SLFSRVC.INVALID_MANAGER

Invalid Manager

SLFSRVC.USER_NOT_FOUND

User not found. Please try again.

WKFLSRVC.SELF_APPROVAL_CONFIG_EXIST

Self Approval config already exists

WKFLSRVC.SELF_APPROVAL_CONFIG_NOT_FOUND

Self Approval config not found

MFASRVC.RESEND_PERIOD_NOT_ALLOWED

Please wait we are enabling resend operation

MFASRVC.RESEND_TIME_EXCEED

Allowed resend attempt exceed please try after some time

ANALYTICS.INVALID_LOG_ARGUMENTS

Invalid arguments

ANALYTICS.UNAUTHORIZED

Unauthorized. Please contact cymmetri administrator.

ANALYTICS.ALREADY_ACTIVATED

Already activated

ANALYTICS.ALREADY_DEACTIVATED

Already deactivated

DATALOGGER.ALREADY_EXISTS

Already exists

DATALOGGER.CONNECTION_FAILED

Connection Fail

DATALOGGER.FORBIDDEN

Please contact system administrator.

DATALOGGER.INVALID_ARGUMENTS

Invalid arguments

DATALOGGER.SYNC_NOT_SUPPORTED

Sync not supported

ANALYTICS.SYSLOG_CONFIG_NOT_FOUND

Syslog configuration not found

ANALYTICS.SYSLOG_CONFIG_TEST_FAILED

Syslog configuration test failed

DATALOGGER.UNAUTHORIZED

Unauthorized. Please contact cymmetri administrator.

REPORT.ALREADY_ACTIVATED

Already activated

REPORT.ALREADY_DEACTIVATED

Already deactivated

REPORT.ALREADY_EXISTS

Already exists

ANALYTICS.CONNECTION_FAILED

Failed to send report.

REPORT.CONTENT_NOT_FOUND

Content not found

REPORT.EMAIL_EXISTS

Email already exists

ANALYTICS.EMAIL_NOT_EXISTS_EXCEPTION

User Email Not Found. Please contact cymmetri administrator.

REPORT.FORBIDDEN

Please contact system administrator.

ANALYTICS.INVALID_ARGUMENTS

Please correct the input and try again

REPORT.INVALID_CRON_EXPRESSION

Invalid cron expression

REPORT.INVALID_FREQUENCY_CONFIG

Invalid frequency config

REPORT.INVALID_REPORT_CONFIG

Invalid report config

REPORT.INVALID_SCHEDULER_TASK_EXECUTION_ID

Invalid schedular task execution ID

REPORT.REPORT_BATCH_TASK_NOT_FOUND

Batch task not found

REPORT.REPORT_EXISTS_EXCEPTION

Report already exists

REPORT.REPORT_NOT_FOUND

Report not found

REPORT.SEND_EMAIL_FAILED_EXCEPTION

Email Sending failed

REPORT.UNAUTHORIZED

Please contact cymmetri administrator.

RISKENGINE.ALREADY_ACTIVATED

Already activated

RISKENGINE.ALREADY_DEACTIVATED

Already deactivated

RISKENGINE.ALREADY_EXISTS

Already exists

RISKENGINE.CONNECTION_FAILED

Connection Fail

RISKENGINE.CONNECTOR_NOT_AVAILABLE

Connector not available

RISKENGINE.FORBIDDEN

Please contact cymmetri administrator.

RISKENGINE.INVALID_ARGUMENTS

Invalid arguments

RISKENGINE.INVALID_RISK_SYNC_TASK_STATUS

Invalid risk sync task status

RISKENGINE.NO_MAPPING_FOUND

No mapping found

RISKENGINE.RISK_CONFIG_NOT_FOUND

Risk config not found

RISKENGINE.RISK_NOT_FOUND

Risk not found

RISKENGINE.RISK_SYNC_TASK_IN_PROGRESS

Risk sync task in progress

RISKENGINE.RISK_SYNC_TASK_NOT_IN_PROGRESS

Risk sync task not in progress

RISKENGINE.UNAUTHORIZED

Please contact cymmetri administrator.

RISKENGINE.UNSUPPORTED_FIELD

Field not supported

RISKENGINE.UNKNOWN

Please contact cymmetri administrator.

Help

The Cymmetri Help Page serves as a vital resource, offering users a comprehensive documentation hub that breaks down all the features and provides step-by-step configurations for various functionalities.

Key Features of the Help Page:

Comprehensive Feature Explanation: The Cymmetri Help Page covers all the features of the platform straightforwardly. Whether you are a beginner or an experienced user, you can find detailed explanations of each feature, ensuring you have a clear understanding of its purpose and functionality.
Step-by-Step Configurations: One of the highlights of the Help Page is its provision of step-by-step configurations for various features. This means you can follow a simple, structured guide to set up and customize different aspects of Cymmetri according to your specific needs.
User-Friendly Language: The documentation is crafted in a manner that balances technical precision with user-friendly language. You won't find unnecessary jargon, making it accessible for users with varying levels of technical expertise.

Personalization

General Config

In this section within Cymmetri, a range of general or broad configuration settings and options are managed. These settings encompass various foundational configurations that affect the overall behavior of Cymmetri.

There are different system configurations in Cymmetri mentioned below:

On Behalf

Time Based

In the Time-Based configuration, system administrators can determine whether the system will send repeated notifications to users based on the number of days remaining, as specified in the 'Send Notifications before' field. This occurs when an application is assigned to the user as a time-based application and is about to expire.

Email Config

These settings and configurations within Cymmetri are specifically related to the management and customization of email-related functionalities. This configuration area allows administrators to set up, manage, and customize, the email communications as per the organization's needs.

Suspend Config

Within the Suspend Config section, administrators have the ability to determine the duration a user remains in a suspended state before transitioning to the archived users' section. This can be specified using the "Suspend After" setting.

Scheduler Integration:

The system incorporates a scheduler feature, enabling administrators to automate the transition of users from the suspended state to the archived state. The scheduler runs within defined time frames, streamlining the management of user statuses.

As an example, if the "Suspend After" configuration is set to 0 days, a user will promptly move to the archived users section upon suspension. This allows for flexibility in tailoring user management to specific organizational needs.

Workflow Preference Config

Within the Workflow Preference Config, administrators have the ability to specify the visibility and editability of workflows associated with user access requests for a particular application. This setting allows for tailored control over how approvers interact with the configured workflow.

Visible to the User:

When this option is selected, approvers for the requested application are visible to the user initiating the access request. Transparency is maintained throughout the workflow process.

Hidden from the User:

Opting for this configuration ensures that approvers for the requested application remain hidden from the user. The workflow operates discreetly in the background without user visibility.

Editable by the User:

If this preference is chosen, users initiating access requests have the ability to select approvers based on their availability, providing a more dynamic and user-centric workflow experience.

This functionality applies if a workflow has been configured for the specified application, offering flexibility in managing user access requests in alignment with organizational requirements.

The approvers mapped in the workflow can only be edited only if they are part of the "user list" in workflow configurations.

In conclusion, if the workflow preference config is set to Editable, the requester will only be able to select the approver from the workflow if the approvers are part of a user list.

Reset Password OTP Config

This setting involves whether an OTP (One-Time Password) is required as an additional verification step when users attempt to change their passwords.

User Decommission Config

The User Decommission Config is a vital feature in Cymmetri, allowing administrators to automate user decommissioning based on login activity.

In this configuration, actions are triggered if the user hasn't logged in to Cymmetri in N number of days

Config Days: Set the threshold for user inactivity in terms of days. Users who have not logged in for the specified duration will be subject to the defined actions.

Actions: Choose from three distinct actions to be taken when the specified inactivity threshold is reached:

None: No action will be taken based on user inactivity.
Inactive: Users exceeding the configured inactivity period will be marked as inactive.
Delete: Users who have not logged in for the specified duration will be suspended from the system.

Syslog Configuration

Syslog configuration in Cymmetri allows for the seamless integration of logging and event information with external Syslog servers. By defining specific parameters, administrators can ensure that critical system events, user access information, and other relevant data are transmitted in real-time to a Syslog server.

Syslog Config fields:

Syslog Name - Assign a unique name to this Syslog configuration
App Name - Specify the application name associated with this Syslog configuration.
Server Host Name - Enter the hostname or IP address of the Syslog server that will receive log messages
Server port - Define the port number on the Syslog server where log messages will be sent.
Protocol - Choose the preferred protocol for Syslog communication - TCP or UDP.

In configuring these parameters, administrators tailor Cymmetri's interaction with external Syslog servers, optimizing the logging process to meet organizational needs.

Webhooks Configuration

Webhooks in the Cymmetri's admin module provide a powerful mechanism for real-time communication and integration with external applications or services. Administrators can configure various webhook settings to enhance the system's functionality and streamline interactions with external components.

Webhook Configs:

Protocol - Communication protocol - (Static field)
Method - HTTP method for webhook requests - (Static Set to post)
Server - Enter the server or endpoint URL where the webhook payloads will be delivered.
Server Context path - provide the context path for the specific service within the server.
Secret - This secret key, known to both Cymmetri and the external service, helps authenticate the webhook requests.
Token Expiry Minutes - Define the duration (in minutes) for which authentication tokens associated with webhook requests are valid.

Application Request Config

This setting determines if a user has the ability to initiate requests for new applications through the Cymmetri self-service page.

When the status is active, the user will see the "Add New" button on the "My Access" page within the "My Workspace" section. By clicking this button, the user can submit an access request for additional applications.

Threshold Delete Config

The Threshold Delete Config is a critical component in Cymmetri, governing the maximum number of users that can be deleted from the system in a single day.

This configuration provides an additional layer of control to prevent unintended mass deletions and ensure the security and stability of Cymmetri

Admins

Cymmetri platform has six different admin roles with various levels of access to the various menus and resources on the administration portal of Cymmetri.

In addition to these six admin roles, Cymmetri also supports three different privileged user roles that grant varying levels of access (read, write, report) to privileged users within Cymmetri.

Administrators

The various admin roles on the Cymmetri Identity Platform may be described as follows:

Organization Administrator

This is the so-called 'super admin' administrator role in the Cymmetri platform. Administrators with this role have the authorization to modify any settings or make changes to the tenant.

Domain Administrator

This is a slightly less privileged administrator. Most tenant-wide system settings, such as the configuration of SMS and email providers (when configured by the tenant), are restricted for domain administrators. All other configurations can be viewed and edited by administrators with the Domain Administrator role.

Application Administrator

An administrator with the role of Application Administrator has access to Identity Hub configurations, including Application, User, and Group configurations. The Application Administrator can map users and groups to applications and can edit all configurations related to Application Management.

Report Administrator

An administrator with the role of Report Administrator has access to the Reports menu, which includes the ability to view, modify, and add new reports.

Help Desk Administrator

The Helpdesk administrator has access to a very limited set of administrative functionalities, such as, resetting password of the end-user, removing configured Multifactor authentication options, and other such common use-case

Read Only Administrator

All administrative users have editing access to the various administrative sections of the Cymmetri platform. However, administrators with the "Read Only Administrator" role do not have editing access to any of the settings or configurations; they only have "Read Only" access to the administrative section.

PAM Write Access

PAM Write Access in Cymmetri grants users the privilege to connect to servers via RDP or SSH and perform write or modification actions on those servers. Users with PAM Write Access have the ability to make changes, update configurations, and perform tasks that involve altering data or settings on the connected servers. This access level is typically assigned to administrators and IT personnel responsible for making configuration changes or updates on various servers within the Cymmetri environment.

PAM Read Access

PAM Read Access provides users with the ability to connect to servers using RDP or SSH and view the content and configurations on those servers. However, users with PAM Read Access do not have the authority to make modifications or changes to the server settings or data. This level of access is suitable for individuals who need to monitor server activities, check logs, or retrieve information from servers without the need to alter any server configurations.

PAM Report Access

PAM Report Access is designed for users who require access to PAM-related reports without the need to connect to servers via RDP or SSH directly. Users with PAM Report Access can generate and access reports that provide insights into server activities, access logs, or other relevant data within the Cymmetri. Such users can also configure schedulers to send timely reports to various other users. This level of access is beneficial for auditors, compliance teams, or individuals focused on analyzing server-related information for reporting and auditing purposes.

Adding a New Admin

Follow the steps mentioned below to promote a user as an admin in the Cymmetri platform.

Click on the Configuration menu on the right-hand side

Now click on the Admins sub-menu within the Configuration menu

Click on the "+Add New" button to add a new administrator

To assign an administrator role to a user, search for the user and then click the 'Assign' button.

Select the chosen administration role and click on Save

The administrator has been assigned the role of “Report Administrator”.

All Admins

All admins is a section where various Cymmetri admins listing is displayed to the admin user

Masters in Cymmetri

Masters are key-value pairs that can be defined for the entire tenant. The key(name) in this context refers to the label to be shown on the Cymmetri User Interface, and the value is the backend identifier used to reference this field in various processes, rules, and policies defined in the Cymmetri platform.

Cymmetri platform allows for configuring several masters in the system, the major classification among which are Global masters (which allow for creating master key-value pairs that may be used for various situations, such as creating a new department, designation, and other custom attributes for users in the system) and Zone masters (which are network configurations that may be used to whitelist or blacklist user access onto the platform as well as act as a source for adaptive Multi-factor authentication).

Global Masters

These are system-wide key-value pairs primarily used to setup key-value pairs referring to various masters as given below:

Types of Global Masters:

Adding a new Master

Follow the steps below to Add a New Master:

Click on the "+Add New" button to add a new master of any category mentioned above.

Enter the Name and Value for the new Master, then select the type of master you wish to create and enable the active toggle button to make the master active. Once all values are entered click on the Save button

A new Global Master is successfully created in the selected category

RBAC Master

The RBAC Master allows the maintenance of role entitlements for the organization.

Zone Masters

Zone masters indicate the network zones that may be used for blacklisting or whitelisting access to the Cymmetri Identity platform deployment. It may also be used for detecting users from certain zones and assigning relevant multi-factor authentication policies.

Zone Name: Used to refer to a zone in other configurations on the Cymmetri platform.

Inactive/Active: Toggle button to check whether the zone is active (configurable as a condition for other rules on the Cymmetri platform.)

Gateway IP: Refers to the Gateway IP address for the network zone.

Proxy IPs: Proxy Server IP addresses that may be used to be directed to this network or the IP addresses outside of the zone that would indicate a connection from this zone.

For adding a new Zone Master or for editing an existing one, Fill in all the mandatory details on the screen as shown above, click on the enable toggle button and finally click the “Save” button.

Personalize Notification Templates

Notifications are triggered from the Cymmetri platform for various actions occurring on the platform either through direct action by the end-user or by the virtue of some backend action (such as running of a scheduler for a campaign). Cymmetri platform ships with default notification templates listed below-

Mandatory Notifications

Sign-up / Registration
OTP Notification
Access Code Manager Notification
Access Code User Notification

Optional Notifications

Workflow Notification
Reviewer Notification
Application Access Approval Request
Application Assignment
Delegation Assignee Notification
User Activation
Application Scheduled Deprovisioning
Delegation User Notification
Application Access Approval Request Denied by Approver
Application Access Approval Request Granted
User Notification
Login Failed
Password Expiry Notification
Review Assignment Notification
Self Approval Notification
Login Adaptive Failed Notification
MFA Failed Notification
User Threshold
User attribute update / Profile update
Pending Access Certification Notification
Ad-Hoc Certification Notification
User Risk score changes

Please note: The above notifications are available out of the box. The system also allows custom notifications to be triggered for specific events using the Cymmetri Webhooks. The custom action trigger can call an existing Cymmetri notification template or a custom template can be included in the webhook code.

The default templates may be modified by the administrator using the following process:

Access the notification templates menu by clicking on the configuration menu on the left-hand side menu bar and then clicking on the Notification templates pop-up menu.
Click on the eye icon to preview the corresponding template

Values in <> anchor tags and ${} reflect macros.
Click on the pencil icon shown above the image to edit the template.
We may treat this template as an email, and edit the subject of the mail.
By default, the email notification will be sent to the corresponding affected end-user, but selecting the toggle option for “Send notification to Reporting Manager” will also copy the mail to the Reporting manager of the affected end-user, allowing for offline follow-up for the notification.
The administrator may edit the HTML using the provided HTML editor to add/change any template button/text/background. The macros required for the particular template are already provided in the sample default notification template.
Click on the Save button to save the notification template.

Tenant Branding

Tenant branding in Cymmetri allows you to personalize and enhance the visual identity of your environment. With tenant branding, you can customize the appearance of your platform, including logos, color schemes, and even tailored messages, aligning it with your organization's branding guidelines.

This not only creates a cohesive and professional user experience but also reinforces your brand's presence throughout the Cymmetri environment. It's a powerful tool for organizations looking to maintain a consistent and recognizable image while utilizing Cymmetri's identity and management capabilities.

The Cymmetri platform allows a certain level of customization to your tenant from the administration panel. This includes the ability to modify the default Cymmetri branding scheme to your own Organization’s branding scheme.

Your Organization Name and Tagline
Your Organization Logo
Your Organization Branding Colors (Primary, Secondary, Accent Colors)

Configuring your tenant branding

To access the branding menu, first click on the Configuration menu on the left-hand side and then proceed by clicking on the Branding menu item.
Start the configuration by entering your Organization Name and Tag Line
Proceed by adding a Welcome text and Welcome Tagline and select whether the Cymmetri help icon should be visible to the user or not
Proceed by adding your URL to the Website text box and click “Fetch Brand”.
If your organization’s branding is available, the logo and the corresponding color scheme will be displayed in the menu below.
If your branding is unavailable, you may configure it yourself by uploading your logo and editing your primary color, secondary color, and accent color.
Click on the Save and Sync Server button to make the branding configuration apply to the entire website.

The configuration will be applied in a few seconds to reflect your branding.

In Cymmetri, the administrator now has the option to select the "Reset to default theme" button, allowing them to revert to the original theme.

Custom Attributes

Custom Attributes may be added for all user entities in your Cymmetri Platform. This allows organizations to add custom user attributes, that are used across the applications in the organization.

For example, your organization has a custom attribute that captures and uses the local language of your employees and vendors to provide local services. This attribute may be stored in your Active Directory and may need to be synchronized to your organization’s other applications during the course of an employee or vendor’s employment.

Cymmetri platform allows the administrator to define custom attributes on a tenant-wide level.

Custom attributes can be used at various places like when creating a user, as a filter when searching for users, and are visible in the others section of user info

Configuring Custom Attributes

To start configuring custom attributes, click on the Configurations menu on the left-hand side and then click on the Custom Attributes menu.

Click on the Add New button to start adding a custom attribute
Fields to be updated:
1. Name/ Key: refers to the label assigned to the custom attribute.
2. Description: allows you to provide additional details or notes about the custom attribute for reference and clarity.
3. Status: Allows to activate the custom attribute. Only if it is set to active, is the attribute available to use in the User Object.
Note: A custom attribute once created can only be set to inactive, it cannot be deleted.

API Client

Batch Tasks

Global Search

Global Search is a powerful, word-based search feature that empowers users to instantly navigate across various pages in Cymmetri by simply typing in relevant keywords. This functionality streamlines the process of locating specific information, making it significantly easier to access any content within Cymmetri with just a few keystrokes. By incorporating Global Search in Cymmetri the time spent browsing through menus or sifting through irrelevant data is minimized, directly enhancing the productivity and user experience.

The Global Search feature is available in the top bar which makes it available on all pages as shown below:

For using the Global Search the user needs to click on the search box. When clicked it opens a search dialog box.

Note: The search dialog box can also be opened using Ctrl+K (in Windows) or Command+K (in Mac)

Upon entering a term, you'll receive precise matches or helpful suggestions. Simply browse the list and select the desired page to view it, clicking anywhere outside the search modal instantly closes it, allowing you to seamlessly return to your previous page.

The page also provides certain shortcuts which can be used for ease:

Esc: Close the search Dialog box

↓↑: for Navigate up and down the search list

Enter: For opening the selected page

The Search box appears below in non-administrative logins:

Identity Hub

Managing Users and Groups

User Management

The User Management interface in Cymmetri provides an intuitive and efficient way to manage the users within Cymmetri. The interface is designed to support both list and card views, allowing administrators to easily navigate through user profiles according to their preferences.To access the User Management page, navigate through: Identity Hub -> User

Features

The UserManagement Page provides various features which eases the user management.

View Modes: Users can toggle between a list and a card view, providing flexibility in how information is displayed.
Search Functionality: Quickly find users with the integrated search feature, saving time and improving manageability.
Advanced Filtering: The granular filtering capability ensures that administrators can pinpoint users based on specific criteria, making user management tasks more streamlined. List of users can be narrowed down the using various filters, including:
- Account Status
- User Status
- Users' Login Status
- Location
- Department
- Designation
- Usertype
- Custom Attributes

User Information Display

For each user, the following information is prominently displayed:

Display Name: The full name of the user as it appears in the organization.
Email: The user's primary email address.
Mobile Number: Contact number of the user.
User Status Indicator: An intuitive green or red dot next to the display picture indicates whether a user is active or inactive, respectively.

Contextual Actions

A context menu associated with each user profile offers a suite of actions, enabling administrators to manage user accounts directly from the interface. Available actions include:

Reset Password: Securely reset a user's password.
Mark Inactive: Change a user's status to inactive.
Assign Group: Add the user to specific groups for access control and organizational purposes.
Assign Application: Allocate applications to the user as per their role and requirements.
Edit Info: Update user information such as email, mobile number, and other personal details.
Delete User: Remove the user from the system entirely.

User Detail

This page is designed to provide a comprehensive view of an individual user's information, facilitating easy access and management for administrators.

User Profile Overview

The top section of the User Details Page showcases the following crucial user information:

Profile Picture

The user's profile picture is prominently displayed, offering a visual identification of the user. This feature aids in personalizing the user experience and making navigation more intuitive.

User's Status

Right next to the profile picture, users can find the current status of the user, which indicates whether the user is Active, Inactive, or Pending. This status helps in quickly understanding the user's engagement level.

This is a unique identifier for the user within the system. It serves as a key piece of information for various administrative processes, including user tracking, support, and security checks.

Email ID

The user's Email ID is displayed, providing an essential communication link. It is used for sending notifications, password resets, and other critical communications.

Mobile Number

The user's mobile number is listed if provided. This number can be utilized for two-factor authentication, urgent alerts, or direct contact purposes.

This structured format ensures that an administrator or any authorized viewer can quickly access and understand a user's essential information without navigating through multiple pages.

Risk Details

The user's risk details are visible on the page to notify that the user is a high-risk user. On further clicking on that page it shows User's Risk metrics.

User Info Page

This page provides a comprehensive overview of the user information managed within our system. The data is categorized into several sections to facilitate easy access and understanding of each user's profile. These sections are detailed below.

Basic Information

First Name: The user's given name.
Middle Name: The user's middle name, if applicable.
Last Name: The user's family name.
Grade: The user's grade (a set of values needs to be defined for this field in Masters).
Designation: The specific title or position the user holds.
Date of Birth: The user's birth date.
Age: The user's current age, is calculated from the date of birth.
User Type: Classification of the user based on the user types defined in the system.
Login ID: The unique identifier used by the user to access the system.

Contact Information

Country: The country where the user is located.
City: The city within the country.
Mobile: The user's mobile phone number.
Email: The user's email address, is used for electronic correspondence.
Landline: The user's landline phone number, if applicable.
Address: The user's full postal address.

Organization Information

Employee ID: A unique identifier assigned to the user within the organization.
Department: The department to which the user is assigned.
Start Date: The date when the user commenced their current position.
End Date: If applicable, the date when the user's current position will or has ended.
Manager: The user's direct supervisor or manager.

Custom Attributes

Additionally, this page may display values for custom attributes specific to our organization. These attributes allow for the capture of information not covered by the standard categories but deemed necessary for our operations.

This comprehensive user information page ensures that all pertinent data regarding an individual within our organization is readily accessible, facilitating smooth operations, management decisions, and communication.

Applications Page

This page is designed to streamline the management and assignment process of applications for users. It offers a section where you can easily view all your assigned applications along with their current status. Additionally, it allows for the straightforward assignment of new applications to your profile.

Viewing Assigned Applications: Upon accessing the page, you will be presented with a list of applications currently assigned to you. Each application tile gives a snapshot of the application's status, enabling you to quickly assess which applications require your attention.

Assigning Roles: Application Roles can be assigned to the user, using the Assign Role option. This option also allows the assignment of multiple roles to a user.
Unassign Assigned Applications: Assigned applications can be removed using the delete option in the (⋮) menu.
Assigning New Applications: Should you need to add more applications to your list, the process is simple. Just click on the Add New Button located on the interface. This action opens up a selection window where you can choose additional applications that you wish to assign to the user.

Searching for Applications: To facilitate ease of access, a search function is incorporated into the interface. This feature allows you to quickly find specific applications by typing the name or part of it into the search bar, saving you time and effort from manually scrolling through the list of applications.

Note: In instances where an application has not been successfully assigned, the interface provides direct actions to resolve the issue without needing to navigate away from the page. Each application tile includes an (⋮) menu with two options:

Retry: If an application's assignment process encounters an issue, you can select this option to attempt assigning the application again.
Delete: If the assignment issue remains unresolved or if you no longer wish to keep the application, you can choose to remove the application from your list entirely.

Groups Page

This page provides an overview of the groups to which a user is assigned, reflecting the current status of each.

Viewing Assigned Groups and Their Status

Upon accessing the page, users are presented with a list of all the groups to which they are currently assigned. Each entry includes the group's name, description, number of users in the group and number of applications assigned to the group.

Adding New Groups

To enhance the user's role or access within the system, the Add New Button is prominently positioned. This option allows users to be added to more groups, expanding their access and functionalities within the application. The process is designed to be straightforward, guiding the user through a simple process to ensure accurate group assignments.

Editing Group

This menu option found within the ellipse (⋮) menu takes you to the groups page where you may edit any information related to the group

Removing Group Memberships

Equally important is the capacity to manage the departure from groups, which is facilitated by the Delete Group option. Also found within the ellipse (⋮) menu, this feature does not delete the group itself but rather unassigns the user from the selected group. This action ensures the user's access and permissions within the application are precisely tailored, maintaining security and relevance.

User Activity Log Page

This page shows user user-specific audit log for all the various actions and activities performed by the user. This may include all activities related to the user as shown below

User's Settings Page

Status: You can change the status of users and accounts in our system to manage access and control.

For Users:

Locked: Stops user access temporarily. This is used for security reasons or if there are too many failed login attempts.
Unlocked: Gives access back to the user, allowing them to log in and use the system.

For Accounts:

Active: The account is in use, and everything works normally.
Inactive: Temporarily not in use but can be activated again.
Delete: The account is deleted and moved to suspended accounts

Reset Password: A Generate button allows the administrator to reset passwords for users, which can then be copied to the clipboard if required.

RBAC: This section can be used to assign tenant-wide roles defined in the master to the user.

Secret Questions: This section shows a list of secret questions selected by the user

Additional MFA: Administrators can view the MFA mechanisms configured by the user as well as remove the configured MFA if required for a specific user

Trusted Devices by User

If Adaptive MFA is configured for users and a configuration for Device Trust is done, Cymmetri maintains a list of Trusted devices that satisfy the conditions of the Device Trust configuration. This list of devices trusted based on the configuration done by the admin are listed on this page with the following information about each device: Browser, OS, Created At, Trusted, Action(remove device)

User's Sessions

This page provides Cymmetri administrators with the capability to monitor and manage all user sessions, It provides the following information: Browser, OS, Created By, IP Address, Created At, and Action (delete session). A user may have multiple session entries if the Multiple Session configuration is enabled.

Managed View

The Managed View page shows the user data based on various provisioning applications assigned to a user, This page shows the Attribute Name, Managed System Value, and IDM Value

Attribute Name: Attribute name as defined in the policy attribute page of the provisioning application
Managed System Value: Value as saved in the provisioning application
IDM Value: Value as saved in Cymmetri

Delegation

In Cymmetri, one of the features available to users is the ability to delegate self-service access. This capability enables users to assign their access rights and responsibilities to other users temporarily. Ideal for scenarios such as vacations, business trips, or whenever a user needs someone else to manage their duties without forfeiting their credentials or compromising security.

This page shows the delegation provided by the user, this may be currently in progress or the delegation which was last completed.

The page shows the status of the Delegation (INPROGRESS, COMPLETED), Designated To, Start Date and End Date, and the list of Excluded Applications(if any)

Create Users

While users may be imported and synchronized from other Identity providers, sometimes users may need to be added manually by the administrator.

Steps to Create Users:

First navigate to the User configuration page, by clicking on the Identity Hub > User menu on the left-hand side panel.
Click on the “+Add New” button.
Enter the required information and scroll down to add further information.
Click on the Save button to move to the next configuration page, and copy the automatically generated password.
Optionally a group can be assigned to the user.
And also applications can be assigned to the user.

Once all the above steps are completed successfully the user is created with the assigned groups and assigned applications.

Edit Users

The Edit User functionality allows administrators to modify user details within the Identity Hub.

Steps to Edit a User:

Navigate to Identity Hub -> Users, select the specific user you wish to edit, then go to the User Info page and click on Edit User
The Edit User form will be displayed, where you can modify the user's information as needed.

After making the necessary changes, click Save to update the user's details.

Saving the changes may also trigger updates in target applications, depending on the configuration. This ensures that any modifications done are synchronized across all relevant systems.

Create Groups

Administrator tasks pertaining to bulk users may be eased by creating groups of users.

Creating User Groups

Access the group configuration page by clicking the Identity Hub >Groups menu on the left-hand side.

Click on the “+Add New” button to start creating a new group

Group Name: Indicates the name of the group.

Group Type: For environments not using Active Directory, either Local or Remote Group may be chosen, in case Active Directory is being used for synchronization in the tenant, the appropriate type according to the group policy object must be chosen.

Parent Group: If a parent group is chosen, all the policies and rules applicable to the parent group will be assigned to this new group, in addition to the policies and rules specifically applied to this new group.

Group Description: Optionally, a description may be provided to the group.

Once all the details have been entered click on the Save button and a new group is created.

Importing Users

Users may be imported into the Cymmetri platform using the bulk Import Users feature.

Importing Users

For Importing Users in the Cymmetri platform administrator needs to click on Identity Hub > User menu and then click on the Bulk Import > Import Users button.

A screen pops up that lets you select the CSV file you want to upload to import the users, Upload the CSV file, you may also use the sample data file available and modify it to match your user details.

Click on the Upload File button and select the file you wish to import

Once the file is selected ensure that the default parameters selected match your requirements else you may change these parameters as per your requirement and click on the Next button.

Match the Column names from the CSV file with the Cymmetri User Attributes using this File Info dialog box.

Scroll down and click on the Import button. Note: A "Skip user workflow" check box is available to skip execution of any user workflow configured for the creation of users, if not selected it may trigger user creation workflow, and the process of importing users may slow down due to the numerous approvals that the approver might have to do.

Once Imported results of successfully Imported Users, Duplicate Users, or any error that occurred during import can be seen in Logs > Import History page

Delegation

Identity Provider

Logs

Lifecycle Management

Getting Started

3.1.x Consolidated

(3.1.0 - 3.1.6)

VERSION

New Features

Fixes

Known Bug

3.1.0 Beta (02 May 2024)

Add a Welcome Guide when no nodes are added
Amaya Operations cards messages updated
Tooltip DX enhancements
Add confirmation dialogue when the request method is missing
File Upload Validations based on filename length and file size: File validation applied on User Bulk Imports, Group Assignments, Application Assignments, Role Imports, and Upload metadata SSO. Branding Image upload applied image size validation and image name length validation. Validation is also applied on self-service User avatar upload and application icon upload.
Cymmetri Verify App issuer format is changed now so there wont be duplicate record creation from now onwards, earlier we did not take into account of the environment but now we are considering that as well

Deprovision Via scheduler when threshold value is set:- Past date user is also getting deprovisioned when rule is applied on status
Application-Role-One role mandatory, validation should be present at least one active
Node name without spaces overlap
Amaya- Not able to drag down node which is at the top most corner
Campaign - Campaign action reminder email time calculation wrong
Campaign- Campaign is getting aborted and summary is showing blank when campaign for local group is executed.
Custom attribute - When custom attribute filter is applied in users, showing no users found
Workflow- Preference config box is not visible while deprovisioning application
Self service app: While setting up secret question authentication in mobile app, user need to click twice on question field.
User activity Ascending Descending not working
Amaya Connector Recon- Showing duplicate role remarks, but in duplicate field showing 0 records
Identity Hub- Groups- After editing groups when on application / activity page user is redirected to users page by default
My workspace> Create new tags- showing older suggestion as soon as clicked on new tag field
AD Application - View attribute is empty
Tenant registration | Pressing tab key glitches UI
Missing error code mapping
Grade Workflow- When workflow preference config is set to visible, and workflow is applied for user creation, then popup box is showing user list but in pending showing unknown instead of user list
Amaya- When the back button is clicked, a save/discard popup box will appear. However, clicking anywhere on the page directly navigates the user away from the operation page.
Amaya - Save/Discard popup box should not be shown when user is trying to go back without saving any changes.
Mobile app- Secret question- Field is showing required even when data is present in field
Cymmetri Verify app- Password recovery should be provided for Exported TOTP user files in case user forgets the password
login via Authenticator-identity provider is inactive then also user able to login.
syslog-configuration- UDP test, for invalid IP also giving success. Unable to have TOTP account for same username on different environments .

Manager notification: receiving user name required manager name
Workflow initiated for form but form is getting updated without workflow approval.
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is em

VERSION

New Features

Fixes

Known Bugs

3.1.2 Beta (26 July 2024)

Workflow self-approval module updated to support custom attribute (type :user type and Converter Type: String ) as condition parameter.
Teams config module updated to support custom attribute (type :user type and Converter Type: String ) as condition parameter.
On behalf module updated to support custom attribute (type :user type and Converter Type: String ) as condition parameter.
Auth Rule module updated to support custom attribute (type :user type and Converter Type: String ) as condition parameter.
Quick Setup - Setup applications using pre-defined operations
Import-Export App Configuration - Transfer configurations of application smoothly between tenants, simplifying the setup for users by ensuring all configuration, including user configurations, server configurations, and policy maps, are accurately migrated.
Removal of Deprovision Rule Exclusion Applications Field: a) Manual Execute Deprovisioning b) Deprovisioning via Scheduler c) Update Threshold Delete Config d) Deprovision Rule Updation e) Backward Compatibility f) Suspend or Resume User g) Impact on UI
Access review reject process updated, on rejection workflow support added.
SAML Single Logout
New screen that will show loading on UI till tenant creation is completed once OTP is verified
Interchanged position of login id and email on add/edit user for better UX.
Add support for page number field for pagination in Amaya
360 Recon
Lotus Notes Connector
Application Policy Map (Active Directory) samAccountName is compulsary for Create only flag in User as well as Group (AD application new bundle - When SAMaccount name is set to false in Group policy map, members are not assigned in group when recon Pull is executed for both exist=Update).
Added Warning information and warning popups (Only UI changes no impact on backend functionality): a. Creation of user manually. b. Updation of user manually. c. Bulk upload csv (creation of user) d. Manager assignment e. Policy map creation and updation f. Reconciliation Pull operation g. Reconciliation push operation h. Selfservice ➝ Teams: i. Creation of user ii. Updation of user
Removal of Email validation from backend

User info page gets crashed while user edit fails
Import/Export of App Configuration
Amaya- Detailed description of failed/executed logs should be shown
AD application new bundle- Group link attribute in db is empty, users are not getting updated in group
AD policy map- Spaces should be trimmed automatically if included while creating a policy attribute
Tenant creation not working
New tenant Registration- Showing subscription end for tenant which is not even registered completely
Secret question configuration- Admin user should be able to delete secret question when not in use
Secret Question-When a question is already in use and user trying to delete question then it should not display successful delete message
Secret question- Displaying removal validation message when editing a question
User> Activity- Add cross (x) button to clear the selection
Onbehalf Config - If Description is kept blank , no error message is getting displayed on screen while saving.
Team Config - If Description is kept blank , no error message is getting displayed on screen while saving.
On Behalf config- When the view button is clicked, the user is still able to check or uncheck the boxes
Custom attribute- Even when a custom attribute is disabled from the configuration, it remains visible in the policy map selected dropdown menu
Users - View User- Custom attribute fields text UI is breaking
Custom Attribute- Require text change in success message to " Custom Attribute activated successfully"
Edit User - After deactivating the already assigned custom attribute, in edit user , system is showing info "xyz" attribute is inactive for active custom attribute also.
Identity Hub- When clicked on edit info from user menu action, user account edit page should get open instead of user display page
CTRL+K: When any feature/module is already opened and user press ctrl +k button from keyboard then search filter modal is getting opened at back
Delegation - Delegator and Delegatee consent should not get updated if user has already set some other consent
Users> Group- Rename the label from 'Delete' to 'Unassign'.
Audit- Logs for deprovisioned user is getting repeated.
Custom Field- Policy Map- Date is not showing in correct format
Mobile app- When clicked on user name for first time after killing app , keyboard is getting hidden
Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.
Global search (Ctrl+K) - even if characters are not matching still showing suggestions
User setting- Error message should be shown when any action is performed and when landing/refreshing setting page
Cymmetri Selfservice App - Need to change the message showing in popup screen while TOTP is getting authenticated.
Mozilla Browser specific- User getting stuck when password less Webauthn is On
Application - SSO - While clicking on Preview assertion , getting error "processing please wait"
Product menu getting hide on workflow page: a. Menu action- Displaying an error message when a user already has one role assigned and tries to assign a menu action.
User info page gets crashed while user edit fails
Import/Export- Showing error message when importing file into new tenant (AD specific)
Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.
Quick setup- Data is not getting reset after closing policy mapping popup box, but getting reset when clicked on "I ll do later button"
Add Page Number support for Amaya
Application - SSO While saving the same config in two applications, while clicking on Edit SP config , popup showing do you want to continue editing the SP configuration? but only continue button is given
Application - SSO - While saving the configuration in new application, save button loader is loading continuously
360 recon-Hide runnow button from detail view
360 recon dashboard filter-add dropdown for break type
360 recon dashboard-label change account overdue to account overdue in the target (also add some info on i icon what is this)
360 recon-Already running recon need to handle,disable play button or show message
360 dashboard-make label consistent
360 recon dashboard-action details showing blank
360 Degree recon-For execution showing error
360 Degree Recon- History some time loading some time not
Recon 360 recon- Validation message for missing data is not required as it already shows no data found on page when recon is not executed at all
360 recon dashboard-action details showing blank
360 dashboard-Search not working on break type
360dashboard-loginid filter not working
360 recon detail data showing mismatch
360 recon execute audit log not present
360 recon dashboard-on 2nd run details getting repeated
Amaya Azure- Showing route issue error message
Import Application- UI for name is not proper
Import/Export- Recon is not working for AD new application bundle
Teams config - while removing the condition in Group condition, showing error " Please try again"
On Behalf config - while removing the condition in Group condition, showing error " Please try again"
Teams Config - If condition is kept blank and save is clicked , getting error " Please try again"
On behalf config- If condition is kept blank and save is clicked , getting error " Please try again"
Import/Export Application- Convertor field types in policy map is not getting imported
Import/Export - When any application configuration is imported into a new tenant, the user should be redirected to the application provisioning page after the upload
Import application- Showing an error message when importing an Amaya-based application if the exported application was without the policy map checked
Amaya- Policy Map Password attribute datatype identified as password instead of string
Amaya- Rename all operations(Test, Search, Sync, etc....) in sentence case
Workflow- Even after updating Grade as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- After updating the user list as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- When the level 3 approver is updated in the workflow, a 'Workflow Not in Range' error message is displayed.
Workflow- Even after updating the reporting manager as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- When workflow over workflow is applied 2nd level approver is not getting updated
360 recon should consider full sync
360 recon fails then that 360 recon should be abort
Amaya Felicity Role assignment- Taking time to provide error message
Deprovision- Exclusion Application- Application going in pending deletion state when that particular application is added in exclusion application while manually deleting user from Identity hub
360 Recon sync with bulk data showing heap size issue
AD new application- User list is not getting displayed showing urersrvc unknown error.
My workspace> Inbox- When workflow assignment is reassigned by admin, then previous approver should not be able to accept or reject request if page is already open in previous approver account.
Inbox - Workflow Request for setup for application - Need to enhance the details as per user interface.
Error in the server log-authsrvc ,No impact on functional flow
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Campaign - Reviewer can approve self review request
Campaign not getting end, for tenant 2711
Workflow TAT- Workflow is getting aborted when grade is set at second level approver and set TAT time is over
Workflow TAT- Workflow is getting aborted when 2 level approver is set and set TAT time is over
Workflow TAT- Workflow is getting aborted when workflow approver is assigned to user list
Workflow TAT- Showing error when user is not present and TAT is over
Workflow TAT- Showing unauthorized error when TAT is over and operation is getting aborted
Recon pull- with both exist link, audit detail not showing
Workflow rule configuration-on edit workflow ,previously selected role getting save
AD new bundle- Managed View- View should be proper while separating multiple OU in proxy addresses
AD new bundle- Manager and account expiry is not visible in Managed view
AD new bundle- managed view- Value is not displayed in proper format in Name in managed view
AD new bundle- Managed View- Showing different Start time/created time
In User creation workflow L1 - User List approved , L2 - reporting manager , after TAT is expired , request is not getting auto reject.
Pending Workflow List - If approver is User list and Grade then it should display in Current Assign in pending list
User Workflow - If reporting manager is set as 2 level approver , reporting manager is showing as Unknown
Policy Map- When attribute is searched via search button and that attribute is deleted then other attributes are not getting loaded
Profile Picture- After clicking once on the upload button, that button should be disabled
PAM-Server access not getting terminated even after time end (Related to HA environment only)
User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type
Pending Workflow -If L1 approver is User List , then while clicking on the info icon, popup not showing user list .Also it is " Grade List Details"
PAM-Server access not getting terminated even after time end (Related to HA environment only)
Workflow Rule - Workflow is initiated when group is set as approver , group is not visible on popup screen
AD new bundle>Group- When the "Sam account name" update checkbox is unchecked and user attempt to update the description, the description does not get updated in AD
deployment_analytics_1 Service CPU utilisation is 100%
Import/ Export- When file is exported from different env (Dev) and imported to QA env, then credentials are also imported along
Security Bug Fixes :- E2E request/response payload encryption for all APIs of authservice

manager notification : receiving user name required manager name
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
In forgot password/password breach condition-asking disabled MFA factor also
Amaya-Autofill policy map, When value is not present to the user at the time of application then amaya passing "$." to the target
Campaign - Reviewer can approve self review request
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Remote Group- AD Application- When users are removed from a remote group in Cymmetri, those members should also be removed from the group in Active Directory
Amaya- Client id should be visible in encrypted form
Provision Rule - While creating and configuring the custom attribute as "New ", system is not initiating the rule.
AD new bundle- When an AD application is assigned to a remote group, the application is highlighted in the background while assigning but disappears as soon as the application popup box is closed
Reports- When report is scheduled, Scheduler history is showing content not found and execution status is getting aborted
AD Application- When Ad test provision is failed, and user trying to delete application from user account, then application should go in fail deletion state
Audit- Taking time to load audit logs
AD Application- Showing error when inserting start date in AD
In application setting if show to user flag off then also application show in recent application.
User lock- When a user account is active, and the same account is logged in through another browser and by any means account gets locked, the first session should get terminated.
Branding- When show Unlock link from branding is kept as No, and admin user account gets locked, then user is not able to unlock account from login page
Application- When user is adding /removing role then it is not getting reflected without refreshing
group push-not taking user in AD at the time of update
Passwordless- WebAuthn; Showing not allowed error
Delegation-On behalf: when login by delegate and on-behalf condition is not satisfied still showing on-behalf toggle button and getting removed when refreshed
AD Application- Group name should not accept space while creating or updating group name
Audit- Audi log should show log when user is not getting any records in Recon history but showing task executed

VERSION

New Feature

Fixes

Known Bugs

3.1.3 Beta (26 July 2024)

User Threshold: a. A UI change has been made in the general configuration for the threshold. b. Creation of user c. Updation of user d. Deletion of user e. Staging for user threshold f. Retry staging user from staging dashboard. g. Archive for user threshold h. Notification for user threshold
User directory search API updated for quick search (keyword): a. Support dropped for: grade, userType, department, designation, custom-attributes b. Supported on: employeeId, email, mobile, firstName, lastName, middleName, displayName, login
Data logger service version info added.
Tenant registration database creation process optimisation.
Pending Workflow Inner page applied functionality to reassign user from inner page
Added QR code zoom feature on FIDO, TOTP and push Authenticator scanner.
VPT: Modify routes of api - /usersrvc/api/user/directory/list/{appId} remove user role form routes.
Custom Attribute support in following Workflow Rule Events a. User Creation b. Application Provisioning c. Application Deprovisioning d. Application Update
Added the following templates in Amaya Quick Setup: • Atlassian • Zoho CRM • Zoho Desk • Zoho Books • Zoho Expenses
Provided support for integer values for ROLE assignment through Amaya.
Tenant Registration Process Resumption: In the event that the tenant registration process is interrupted, it can be seamlessly resumed and completed using the existing account configuration. The registration process can be resumed from the following stages: a. Pending OTP Verification b. Incomplete Credential Setup
Active Directory || SimpleAD Connector upgrade: a. UserAccountControl attribute support added b. memberOf attribute support in manage system viewer c. ProxyAttribute attribute support added
External IDP SSO: a. added support to login into cymmetri as external identity provider as idp initiated sso.
SAML IDP SSO: a. added support to send idp initiated (cymmetri) sso response to cymmetri as service provider.
TOTP Config
Removal of Email validation from backend
DataLogger | Refer configuration steps here: a. data-logging framework optimisation. b. Full sync support, this step is optional step and required only if, • Tenant audit database is not present, or • Tenant audit database is corrupt so fresh setup is required.

Error in the server log-authsrvc ,No impact on functional flow
Team config - Create - Discard button issue - After clicking not able to add the details in condition section
Rule engine- Remove "above" word from note
login with admin-Campaign detail show role also, currently role showing only for campaign manager
Amaya API returning null if error instead of error and errorCode
Hide metabase analytics
Workflow rule configuration-on edit workflow ,previously selected role getting save
User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type
Pending Workflow -If L1 approver is User List , then while clicking on the info icon, popup not showing user list .Also it is " Grade List Details"
Identity Hub- Pending initial login symbol is visible far away from user name
On behalf configuration - While disable and enabling the toggle,popup message shows "This change will take effect on user's next login" but it is getting reflecting on the fly.
On-behalf>Delegation- On behalf menu is not visible when logged in via Delegatee account
SSO- Group mapping- Save button should be enabled when mandatory fields are filled
Workflow- Even after updating the reporting manager as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Global search (Ctrl+K) - even if characters are not matching still showing suggestions
Product menu getting hide on workflow page
LDAP connector-LDAP SSL should be save in Boolean in the DB
User setting- Error message should be shown when any action is performed and when landing/refreshing setting page
User setting- External idp rule is active-An admin user should not be able to lock a user when the external IDP rule matches the user condition
Schedule history-ad by default todays filter for from and to
Teams config- When the view button is clicked, the user is still able to check or uncheck the boxes
Menu action- Displaying an error message when a user already has one role assigned and tries to assign a menu action.
Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.
Lifecycle Management - All menus - Discard button is not working as expected.
Application - SSO While saving the same config in two applications, while clicking on Edit SP config , popup showing do you want to continue editing the SP configuration? but only continue button is given
Application - SSO - While saving the configuration in new application, save button loader is loading continuously
Amaya- Rename all operations(Test, Search, Sync, etc....) in sentence case
Group Policy map- For group custom attribute Cymmetri field type should be automatically selected as working in users custom field
Teams config - while removing the condition in Group condition, showing error " Please try again"
On Behalf config - while removing the condition in Group condition, showing error " Please try again"
Teams Config - If condition is kept blank and save is clicked , getting error " Please try again"
On behalf config- If condition is kept blank and save is clicked , getting error " Please try again"
Import/Export- Showing error message when importing file into new tenant (AD specific)
Import application-show error message user or groupwise
Import application- Showing an error message when importing an Amaya-based application if the exported application was without the policy map checked
Import/Export - When any application configuration is imported into a new tenant, the user should be redirected to the application provisioning page after the upload
Amaya Azure- Showing route issue error message
Import/Export Application- Convertor field types in policy map is not getting imported
Import/Export- Recon is not working for AD new application bundle
Workflow- When workflow over workflow is applied 2nd level approver is not getting updated
Workflow- Even after updating Grade as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- After updating the user list as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2
Workflow- When the level 3 approver is updated in the workflow, a 'Workflow Not in Range' error message is displayed.
Workflow TAT- Workflow is getting aborted when workflow approver is assigned to user list
Team config - Create - Discard button issue - After clicking not able to add the details in condition section
Import/Export- By default, the time in the application name should be removed when exported
Rule engine- Remove "above" word from note
login with admin-Campaign detail show role also, currently role showing only for campaign manager
Hide metabase analytics
Error in the server log-authsrvc ,No impact on functional flow
AD new application- User list is not getting displayed showing urersrvc unknown error.
Campaign not getting end, for tenant 2711
Workflow rule configuration-on edit workflow ,previously selected role getting save
AD application new bundle - When SAMaccount name is set to false in Group policy map, members are not assigned in group when recon Pull is executed for both exist=Update
My workspace> Inbox- When workflow assignment is reassigned by admin, then previous approver should not be able to accept or reject request if page is already open in previous approver account.
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
Workflow TAT- Workflow is getting aborted when grade is set at second level approver and set TAT time is over
Workflow TAT- Workflow is getting aborted when 2 level approver is set and set TAT time is over
Workflow TAT- Showing error when user is not present and TAT is over
Workflow TAT- Showing unauthorized error when TAT is over and operation is getting aborted
User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed
Pending Workflow -If L1 approver is User List , then while clicking on the info icon, popup not showing user list .Also it is " Grade List Details"
AD new bundle>Group- When the "Sam account name" update checkbox is unchecked and user attempt to update the description, the description does not get updated in AD
Import/ Export- When file is exported from different env (Dev) and imported to QA env, then credentials are also imported along
Identity Hub- Pending initial login symbol is visible far away from user name
On behalf configuration - While disable and enabling the toggle,popup message shows "This change will take effect on user's next login" but it is getting reflecting on the fly.
In User creation workflow L1 - User List approved , L2 - reporting manager , after TAT is expired , request is not getting auto reject.
On-behalf>Delegation- On behalf menu is not visible when logged in via Delegatee account
Import Manager-Manager is deleted and user trying to assign then in the import history showing success but in audit showing failed
Application delete-Campaign-Deleted application available for review
AD new bundle- User policy map- When Sam account name is mapped with any attribute and update checkbox is kept false, and user is updated, audit log is showing failed
Workflow>Inbox- Address fields name in inbox /pending workflow and identity hub users are not same
SSO- Group mapping- Save button should be enabled when mandatory fields are filled
Campaign-email report showing error
deployment_analytics_1 Service CPU utilization is 100%
Application - Form - When submitted as blank, after assigning the application page is getting blank.
Reports- Records are getting displayed after 11min approximately
Csv Import users- An error message is not shown when the user is unable to save user details if a space is included in the email
After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.
User Workflow - If reporting manager is set as 2 level approver , reporting manager is showing as Unknown
Workflow>Inbox- Address fields name in inbox /pending workflow and identity hub users are not same
Export- Rename Config type to Select All
MFA- When default MFA rule is inactive, user is able to delete default rule as well
Amaya connector>Policy mapping- Bottom slider should be fixed
Amaya || Validation preventing usage of long valid header
Amaya Connector- By default only green colored (confirmed policy attributes) only should be checked
Amaya Quick Setup- When an auto test run fails and operations are manually updated, clicking 'Generate Policy Mapping' should exit the page.
Application delete-Campaign-Deleted application available for review
Import Manager-Manager is deleted and user trying to assign then in the import history showing success but in audit showing failed
Import/Export- By default, the time in the application name should be removed when exported
SSO - OpenID - Configure CIDR - Add - While clicking on Add icon without entering any details , blank data is getting added.
SSO - OpenID - Configure CIDR - While clicking on delete icon ,no message is getting displayed and entry is getting removed
Workflow List - View - Showing label as "Custom Workflow "
Import/ Export- Application name while importing file should be limited to 50character
Application - SSO - SLO toggle enable/disable audit log
SOD; policies-Policy owner name is not getting updated after updating user name from Identity hub and without owner name policy is getting saved
AD new bundle- When recon is executed for both exist update but application is not linked, still user is getting updated.
Application - Form - When submitted as blank, after assigning the application page is getting blank.
Masters - Grade- While clicking on Add button it is showing edit page of existing record
Tenant registration- Showing suspicious popup box when clicked on verify your email
New tenant registration- If tenant is already on registration page then after clicking verify email from mail box should show tenant is already registered
Tenant registration- Taking time to register tenant
Email verification - Email verify link is redirecting to otp verification screen.
My Workflow> Teams- Add short menu button
Tenant creation not working
After release v 3.1.2, for old updated tenant campaign module is disabled
Portal-For module update showing error, already exist
Push and FIDO scan zoom functionality not available at the time of Device MFA
Push and FIDO scan zoom functionality not available at the time of application MFA
User setting- External idp rule is active-An admin user should not be able to reset user password when the external IDP rule matches the user condition

manager notification : receiving user name required manager name
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
User-Email with invalid email id like NA, this user not able to use MFA with OTP

VERSION

New Feature

Fixes

Known Bugs

3.1.4 Beta (13 August 2024)

UI/UX || Warning added || Application Config Import Modal || Auto 'Create Only' for User Principal policy mappings
A new feature has been developed for the "Recommendation Engine", enabling seamless integration and management of application and role recommendations. The recommendation engine supports the generation of personalised application and role suggestions for each user. The system supports the automatic synchronisation of data from various sources, ensuring that recommendations are always based on the user behaviour. All recommendation engine configurations, data synchronisation are stored and can be easily retrieved and updated as needed.
UI/UX || Amaya || Add support for JSON body validation through validate button
Audit log comparison for oldObject and newObject when they are in detailed format
UI/UX Inconsistent buttons placement in some module fixed to a default below position
UI/UX Onboarding walkthrough of New users
ICICI: a. The inbox title in the workflow setup event has been updated to display the workflow name. b. Workflow (Pending workflow list) requester and requestedFor column added for display
Identity Analytics (Reporting Engine)
End to End Request/Response Payload Encryption for all authservice's API. (/authsrvc/*)
User Threshold (Phase 2): i. Update Email Title and Template ii. Create a new 'Move to Archive' button to manually archive a user. iii. Make the notifications field mandatory in the User Threshold Configuration. iv. Added the Org Admin as the default notifier in the user threshold configuration.(Not supported for old tenant). v. Update UI Error Message Format vi. The User Threshold staging mode name has been changed. vii. Failure to Move Staging User to Archive Manually and Audit Log Display for fail. viii. The changes made to the staging dashboard view. Include a comparison between the previous and updated versions of the UI. ix. Show the display name in the Threshold Delete operation on the Staging Dashboard. x. Notification Field in User Threshold Config for delete users.

Amaya- When server connector timeout is changed and test configuration is clicked, it is showing "connector not found in cloud" error in Audit log
Import User - If loginid already exist , then remark shows "Usrsrvc.existing Login" . Change this text to "Existing Login Id"
Import/Export- Showing host server details when file is imported for script connector
My Access - Tags - Roles is not getting displayed in Application
Application - Clicking on the role tile ,SSO is happening and also while clicking on close icon, SSO is happening
Applications- When any attribute is updated (made empty in the target application) and recon for both exist operation is executed, the corresponding attribute in Cymmetri should also be cleared
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed (To correct the data need to perform data-logger sync for respective tenant. Refer configuration steps here)
Deprovision- User is getting deprovisioned even after user status is changed to Active from Inactive
User threshold mail notification- Title changes required
Audit log-Recon - When recon is executed with status as Inactive, audit log is showing "Recon initiated successfully" but not any log for execution failed/aborted
Audit Filter- Add cross button in Target Type and Action field.
Threshold Config- Validation message for all three operations should be similar
Threshold Create/Update- Spelling for exceeded is not correct
Notification Template - Toggle and status should display in status column as per other modules.
Create User- While creating user on newly created tenant, assign group page showing text "No group assigned , assign group"
User setting- External idp rule is active-An admin user should not be able to reset user password when the external IDP rule matches the user condition
Create user - While creating user on newly created tenant, assign application page showing text "No data found, add application"
Audit Filter- Add cross button in Target Type and Action field.
Portal-For module update showing error, already exist
My Access - Tags - Roles is not getting displayed in Application
Threshold Config- Validation message for all three operations should be similar
Threshold Create/Update- Spelling for exceeded is not correct
Notification Template - Toggle and status should display in status column as per other modules.
Create User- While creating user on newly created tenant, assign group page showing text "No group assigned , assign group"
Create user - While creating user on newly created tenant, assign application page showing text "No data found, add application"
Group Unassignment: The message appearing on group unassignment is incorrect
Push and FIDO scan zoom functionality not available at the time of Device MFA
Push and FIDO scan zoom functionality not available at the time of application MFA
Campaign Reassign -inactive users are also listed for reassignment on click
Login page- AD auth- Provide proper UI message when AD adapter details are incorrect
Amaya- When server connector timeout is changed and test configuration is clicked, it is showing "connector not found in cloud" error in Audit log
Import User - If loginid already exist , then remark shows "Usrsrvc.existing Login" . Change this text to "Existing Login Id"
User threshold- Pending Staging- When changing page select all box should be unchecked.
Threshold Pending staging- Whenever the page changes or the number of records per page is modified, the selection should be reset
Import/Export- Showing host server details when file is imported for script connector
Threshold pending staging- When the retry button is clicked multiple times, the validation message does not appear after the third click on UI
Application assignment- Change user search suggestion watermark
Onboarding registration- When resolution is at 80%, PAM report admin option is not visible in dropdown
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed
After release v 3.1.2, for old updated tenant campaign module is disabled
Onboarding registration- When an application is selected and then reverted to the previous page, selecting the application again causes the application count to double
External JIT- JIT configuration should be disabled until new external idp configuration details are filled
External IDP- JIT- API is showing "undefined" error on clicking JIT button and on enabling JIT configuration
External IDP- JIT- Reverse the title, it is confusing for user
MFA - Secret Question - Question selection is getting non-selectable after entering incorrect answers and then retrying for correct answer
My workspace>Inbox- Count is not showing when records are in claim
Reports( Employee's with upcoming contract end date) - By default date filter should be applied of 30 days
Provision Rule - Cursor of the condition is getting overlapped with footer of the page.
Onboarding - Login credentials timeout error
My Access - Superset Application logo and label should be changed
Applications- When any attribute is updated (made empty in the target application) and recon for both exist operation is executed, the corresponding attribute in Cymmetri should also be cleared
Deprovision- User is getting deprovisioned even after user status is changed to Active from Inactive
Audit log-Recon - When recon is executed with status as Inactive, audit log is showing "Recon initiated successfully" but not any log for execution failed/aborted
User threshold mail notification- Title changes required
Application- Managed view- When manager is removed from Cymmetri, user is still getting displayed in managed view
Create Threshold Config> Csv import- Showing empty records in pending staging list when threshold limit is exceed and user are imported via csv file
Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed
My workspace>Inbox- Count is not showing when records are in claim
login with admin-Campaign detail show role also, currently role showing only for campaign manager
Cymmetri Selfservice App - Once we click on the web link from scanner , it should show confirmation popup on screen (Suggestion)
Selfservice Mobile App - When app is in Quit state and open the app via scanner(camera), it is not redirecting to login page of the website
Push Authenticator - Need to change the error message
User creation- While creating new users then going to next level that is on groups page and then on application page ,then user should be redirected back to the group's page when back button is clicked instead of existing user creation page
Showing error when saving workflow with name( User creation, Application provisioning, Application deprovisioning)
deployment_analytics_1 Service CPU utilisation is 100%
Campaign-email report showing error
Some time tenant registration not working,showing WriteConflict error in the service
Application provisioning and deprovisioning workflow initiated request is not getting displayed in activity logs.
Workflow Rules - Application Deprovisioning event - If condition is set as RegEx for custom attribute is not working
User update-Showing audit failed-Write conflict
Report - Updated record should display on top.
Auth rule showing unknown error
Workflow List - View any workflow detail - While clicking on info icon it is showing Grade List Detail
AD-Recon-If Policy attribute marked inactive then also it is getting pull from AD
Login via Application admin- When click on application showing processing please wait error message
Applications- Application are not getting assigned to user and also audit log is not visible for the same
PAM write admin not able to assign users, user list not populating

manager notification : receiving user name required manager name
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
Reports- Records are getting displayed after 11min approximately

VERSION

New Feature

Fixes

Known Bugs

3.1.5 Beta (6 August 2024)

UI/UX - Workflow Inbox User detail will now have applications detail as well assigned to the user
UI/UX - Workflow Inbox will have start date and end date filter
User delete workflow support a. Workflow configuration support b. Rule configuration support
CISO Dashboard - REVERTED
Amaya || General Config based role data type

PAM write admin not able to assign users, user list not populating
Policy map- Empty value are getting saved in policy mapping
Workflow Rule update - View - Created by and updated by fields are empty
Superset - OpenId issue - While doing sso for superset application, it should is getting redirect superset url with error "The request to sign in was denied"
Threshold configuration- Replace could be to can be
Policy Map- When searching in the search box by any attribute, the search should get reset after changing tabs
Onboarding - Login credentials timeout error
Application- When searching user in application, user can be searched by first name, last name, login id but not by First name+lastname
PAM write admin not able to assign users, user list not populating
TOTP-Lookahead window change , on click save button show warning message,
User delete Workflow - Pending Workflow - Application details tab is not present

manager notification : receiving user name required manager name
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
Reports- Records are getting displayed after 11min approximately
Deprovision Rule executed via Scheduler - Workflow is not getting initiated for the set of users on the basis of status/end date
Workflow List - Getting error " Contact system administrator" on technova tenant

Version

New Features

Fixes

Known Bugs

3.1.6 (10 September 2024)

Form Logic - The FormLogic functionality, enables you to store custom data using flexible, administrator-defined forms. It empowers you to create forms tailored to your specific data collection requirements, providing a versatile solution for various data management needs. 360 Degree Reconciliation - Compare tab added to the current feature, where user can compare with the source application and target application and further generate reports and download csv.
SkipPasswordExpiry - We are enhancing our Password Policy by introducing a new field
SkipPasswordExpiry, within the PasswordChangeRule. This enhancement allows users to opt out of the password expiry process entirely. When the SkipPasswordExpiry field is enabled, users will not receive warnings or notifications about password expiry, nor will they be prompted to change their password due to its expiration.
Connector: SimpleLDAP application.
ICICI Client - Role Based form delivery in IGA.
SDK based integration to send mobile push notifications to mitigate legacy API issues: a. Fido Based Notifications b. Normal Push Based Notifications The LDAP adapter has been updated with a new feature that eliminates the need to enter a username and password for each execution.

Form logic-Configured Forms -On click setting icon screen getting flicker
Selfservice Submit form-Update error message and backend error code if pre and post hook script h
Form logic-on form submit close form
Form logic-Selfservice-My Form Submissions pagination, page getting blank
Archived Forms detail-Revision data showing wrong, showing non existing list
Form logic-After changing form schema, form detail showing blank
Form logic-User submissions-Provide search by taskeid, username, loginid
Form logic-on all screen search only working for the exact case, expected should be work for matchin
Form logic-Form table-sorting not working
Form logic-Pre and post hook should be non mandatory
Form map with rule-if form map more than defined limit then error message showing only one time
Staging users details - Version history log user details not loading
Form logic-Configured form and archive form detail, back button behaviour is not as expected, need
Form logic-Form Access Rules-Link form, save button should be disabled till form selection
form logic- if request is timeout or fail then feature showing disabled
Form logic-User submissions-Provide date filter
Workflow || Additional Form Info || Readonly text-based form submissions
Timebased Application: Timebased application assignment message spelling incorrect
Deprovision- When applications are assigned via group and deprovision is executed all the application
Teams - Suspended Users - List View - Edit - It is redirecting to Users but showing a blank screen
Application Search: When clicking on "View More Applications" and searching for an application, the
Pending Staging- When no records are present on the page, the "Select All" button should be disabled
User Onboarding - Dropdowns are not loading when creating a user after adding an Admin during t
Global search - Pending action is not coming in global search

manager notification : receiving user name required manager name
In application setting if show to user flag off then also application show in recent application.
Unable to identify application properties data type where value is empty
Amaya || Create user operation fails due to invalid password
Reports- Records are getting displayed after 11min approximately
Deprovision Rule executed via Scheduler - Workflow is not getting initiated for the set of users on th
Workflow List - Getting error " Contact system administrator" on technova tenant
FormLogic || Step 2 of form || Form config JSON should be mandatory

Cymmetri Error Codes

A comprehensive list of all known Cymmetri error codes and their summary understanding:

ERROR CODE

ERROR TEXT

CONNECTION_ERROR

Unable to connect. Please check your connection and try again.

USRSRVC.LAST_DATE_REACHED

The application's request end date is greater than the user's end date.

USRSRVC.MISSING_DATES

Incorrect dates Please ensure the selected date range is proper.

USRSRVC.EXPIRED_TIME_BOUND

Access request duration has ended

REGSRVC.UNKNOWN

Error. Please try again later or contact Cymmetri Administrator.

REGSRVC.USER_NOT_FOUND

User not found.

REGSRVC.INVALID_TOKEN

Token expired. Try again.

REGSRVC.OTP_EXPIRED

OTP expired. Please resend and try again.

REGSRVC.OTP_LIMIT_EXCEED

Otp limit exceeded.

REGSRVC.INVALID_OTP

OTP does not match. Please check & try again

REGSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

REGSRVC.INVALID_DOMAIN

Invalid Domain. Please try again.

REGSRVC.INVALID_CREDENTIALS

Invalid Credentials. Please try again.

REGSRVC.TERMS_AND_CONDITIONS_NOT_FOUND

Invalid Terms & Conditions. Please try again.

REGSRVC.INVALID_ACCOUNT_VERIFICATION_TOKEN

Invalid request. Contact Cymmetri administrator.

REGSRVC.DATA_IS_NOT_VALID

Invalid data. Please try again.

REGSRVC.PASSWORD_NOT_VALID

Invalid password. Please try again

REGSRVC.EMAIL_EXISTS

Duplicate Email Address. Please try again.

REGSRVC.DOMAIN_EXISTS

Duplicate Domain.

REGSRVC.DB_CONFIG_EXISTS

Database already exists. Contact Cymmetri administrator.

REGSRVC.USER_ALREADY_ACTIVE

User status is active. Contact Cymmetri administrator.

USRSRVC.MANAGER_NOT_FOUND

No Manager Found

USRSRVC.UNSUPPORTED_FILE_TYPE

Unsupported File Type

USRSRVC.UNKNOWN

Error. Please try again later or contact Cymmetri Administrator.

USRSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

USRSRVC.NONUNIQUE_GROUPNAME

Group name already exists. Please try again.

USRSRVC.GROUPTYPE_NOT_FOUND

Group type not found. Contact Cymmetri administrator.

USRSRVC.OU_NOT_FOUND

Organization Unit not found. Please try again.

USRSRVC.PARENTGROUP_NOT_FOUND

Parent Group not found. Please try again.

USRSRVC.GROUP_NOT_FOUND

Group not found. Please try again.

USRSRVC.USER_NOT_FOUND

User not found. Please try again.

USRSRVC.CYCLIC_UPDATE

Operation not allowed for current input.

USRSRVC.INHERITED_GROUP

Operation not allowed for current input.

USRSRVC.USERTYPE_NOT_FOUND

User type not found. Please try again.

USRSRVC.EXISTING_MOBILE

User mobile number in use. Please try again.

USRSRVC.EXISTING_EMAIL

User email address in use. Please try again.

USRSRVC.DEPARTMENT_NOT_FOUND

Department not found. Please try again.

USRSRVC.DESIGNATION_NOT_FOUND

Designation not found. Please try again.

USRSRVC.COUNTRY_NOT_FOUND

Country not found. Please try again.

USRSRVC.EXISTING_LOGIN

User Login ID in use. Please try again.

USRSRVC.APPLICATION_NOT_FOUND

Application not found. Please try again.

USRSRVC.APPLICATION_ROLE_NOT_FOUND

Application role not found. Please try again.

PROVSRVC.CYMMETRI_LOGIN_FIELD_NOT_CONFIGURED

Please configure Cymmetri Login field for Policy Mapping.

PROVSRVC.APPLICATION_TEST_FAILED

Provision Configuration failed.

USRSRVC.USER_NOT_PROVISIONED

User not provisioned. Please try again.

USRSRVC.CHILD_GROUP_FOUND

Cannot Delete as Child group found.

USRSRVC.GROUP_HAS_ASSIGNED_APPS

Group has assigned applications. Remove and try again.

USRSRVC.USER_ASSIGNED_GROUP

Cannot delete as User assigned to group.

USRSRVC.USER_MUST_PRESENT_IN_TARGET

User must present in target system before assign it to group.

USRSRVC.INACTIVE_USER

Inactive User cannot perform this action.

USRSRVC.INVALID_MANAGER

Invalid manager.

USRSRVC.MIN_ORG_ADMIN_RULE_VIOLATION

Admin role cannot be removed for this user.

USRSRVC.USER_ROLE_MAPPING_EXISTS

Role Already Exists.

USRSRVC.APPLICATION_ROLE_ALREADY_ASSIGNED

Application role is already assigned.

USRSRVC.APPLICATION_ALREADY_ASSIGNED

Application is already assigned.

USRSRVC.USER_ROLE_MAPPING_NOT_EXISTS

User role mapping does not exists.

USRSRVC.CANNOT_REMOVE_PROVISIONED_APPLICATION

Cannot remove already provisioned application.

USRSRVC.EMPTY_FILE

Empty file uploaded.

USRSRVC.SELF_STATUS_CHANGE_NOT_ALLOWED

This user cannot be deleted.

USRSRVC.MANAGER_ASSIGNMENT_REJECTED

Error. The manager assignment is invalid.

USRSRVC.INVALID_ENDDATE

The end date should be greater than start date.

USRSRVC.SELF_ROLE_CHANGE_NOT_ALLOWED

Self role change is not allowed.

USRSRVC.CUSTOM_ATTRIBUTE_MASTER_EXIST

Custom attribute already exist.

USRSRVC.CUSTOM_ATTRIBUTE_MASTER_NOT_FOUND

Custom attribute not found.

USRSRVC.DUPLICATE_NAME

Duplicate name record already exist.

USRSRVC.DUPLICATE_LABEL

Duplicate label record already exist.

USRSRVC.ATTRIBUTE_RIGHTS_NOT_FOUND

Attribute rights not found.

USRSRVC.REMOTE_GROUP_APPLICATION_NOT_FOUND

Application must present before assign user to remote group.

USRSRVC.REMOTE_GROUP_NAME_NOT_MODIFIED_EXCEPTION

Remote group name not able to update

USRSRVC.EMPTY_LOGIN

Something went wrong Please contact the administrator.

USRSRVC.TOO_LARGE_FILE

File size should not be more than {size}

USRSRVC.FORM_DEACTIVATED_EXCEPTION

Form is inactive

USRSRVC.ACTION_NOT_SUPPORTED

This action is not supported

AUTHSRVC.ACCESS_DENIED

Invalid Credentials.

AUTHSRVC.TENANT_EXPIRED

Free trial expired. Please contact Cymmetri administrator.

AUTHSRVC.UNKNOWN

Please contact system administrator.

AUTHSRVC.INVALID_TOKEN

Token is invalid.

AUTHSRVC.USER_NOT_FOUND

User not found.

AUTHSRVC.CANT_SET_FALSE_DEFAULT_PASSWORD_POLICY

Default password policy cannot be false.

AUTHSRVC.CONNECTION_FAILED

Connection failed.

AUTHSRVC.CANT_DELETE_DEFAULT_PASSWORD_POLICY

Cannot delete default password policy.

AUTHSRVC.INVALID_ARGUMENTS

Invalid argument.

AUTHSRVC.INVALID_AUTH_POLICY_CONFIG

Invalid auth policy config.

AUTHSRVC.ACCESS_DENIED_TOKEN

Session expired. Please login again

AUTHSRVC.ADAPTIVE_BLOCK_ACTION

Action blocked. Please contact administrator.

SESSION_EXPIRED

Session expired. Please refresh and try again

AUTHSRVC.NON_REMOVABLE_REFERENCED_ENTITY

Cannot modify IDP configuration till active under Authentication Policy.

AUTHSRVC.PASSWORD_POLICY_NAME_ALRAEDY_EXISTS

Password policy name already exists.

AUTHSRVC.PASSWORD_POLICY_CONDITION_ALRAEDY_EXISTS

Policy Conditions already exists.

AUTHSRVC.DEFAULT_POLICY_UPDATE_NOT_ALLOWED

Default password policy update not allowed.

AUTHSRVC.PASSWORD_COMPOSITION_RULE_VIOLATION

Password provided does not match the required guidelines.

AUTHSRVC.MOBILE_NOT_FOUND

Mobile number is not registered please contact Cymmetri Administrator.

AUTHSRVC.ALREADY_EXISTS

Name already exist. Please enter unique name.

AUTHSRVC.LDAP_ACCESS_DENIED

Access denied.

AUTHSRVC.CLIENT_EXISTS

API Client with same name already configured.

AUTHSRVC.USER_NOT_ACTIVE

Delegated user not active

AUTHSRVC.INVALID_AUTH_CONFIG

Invalid auth config

AUTHSRVC.PASSWORD_POLICY_NAME_ALREADY_EXISTS

Password policy name already exists.

AUTHSRVC.TRUST_DEVICE_MAX_DEVICE_EXCEPTION

Exceeded device trust max limit

AUTHSRVC.TRUST_DEVICE_EXPIRY_EXCEPTION

Exceeded expiration time for trust devices

AUTHSRVC.MULTIPLE_TRUST_DEVICE_CONFIG

Multiple trust device configuration found

AUTHSRVC.INVALID_GLOBAL_SESSION_CONFIGURATION

Invalid global auth configuration

AUTHSRVC.MULTI_SESSION_ACCESS_DENIED

Session(s) already in progress. Logout from all sessions to continue.

MFASRVC.UNKNOWN

Error. Please try again.

MFASRVC.USER_NOT_FOUND

User not found. Please try again.

MFASRVC.ALREADY_SENT_SMS_OTP

SMS OTP already sent.

MFASRVC.INVALID_SMS_OTP

Invalid SMS OTP provided.

MFASRVC.RESEND_COUNT_EXCEED

Allowed resend attempt exceed please try after some time

MFASRVC.PUSH_NOTIFICATION_FAILED

Failed to send the push notification. Please try again later or contact Cymmetri Administrator.

MFASRVC.MFA_CONFIG_NOT_FOUND

Multi Factor Authentication configuration not found.

MFASRVC.INVALID_ARGUMENTS

Error. Invalid request.

MFASRVC.QUESTION_NOT_FOUND

Question not found.

MFASRVC.DUPLICATE_QUESTION

Question field is duplicate. Please try again.

MFASRVC.INCORRECT_ANSWER

Answer field is incorrect. Please try again.

MFASRVC.INVALID_USERID

Invalid User. Please try again.

MFASRVC.INVALID_QUESTIONID

Question is invalid. Please try again.

MFASRVC.USER_NOT_REGISTERED

User is not registered for TOTP/Push Authentication

MFASRVC.EMPTY_QUESTION

Question field is empty. Please try again.

MFASRVC.FAILED_MINIMUM_CORRECT_ANSWER

Please provide correct answer for each question.

MFASRVC.INVALID_TOTP

Invalid Time based OTP provided.

MFASRVC.INVALID_ANSWER

Answer field is invalid. Please try again.

MFASRVC.QUESTION_NOT_REGISTERED

Question is not registered.

MFASRVC.NON_REMOVABLE_QUESTION

Question in use and cannot be removed.

MFASRVC.USER_RESPONSE_PENDING

User response is pending.

MFASRVC.USER_DENIED_ACCESS

User denied access.

MFASRVC.NOT_ABLE_TO_MODIFY

Not able to modify. Please try again

MFASRVC.INVALID_ANSWER_LENGTH

Invalid answer length

MFASRVC.DISPOSABLE_EMAIL

MFASRVC.FIREHOL_IP_REPUTATION

Ip reputation sync failed

MFASRVC.SYNC_PROCESS_RUNNING

Sync is in progress. Please wait

MFASRVC.IMPOSSIBLE_TRAVEL_NOT_FOUND

Config not found

MFASRVC.DEVICE_TRUST_NOT_FOUND

Config not found

MFASRVC.BLACKLISTED_LOCATION_NOT_FOUND

Config not found

MFASRVC.LOCATION_EMPTY

MFASRVC.BLACKLISTED_IP_NOT_FOUND

Blacklisted IP not found

MFASRVC.IP_ADDRESS_EMPTY

MFASRVC.MFA_NOT_FOUND

MFA not found

MFASRVC.INVALID_CONFIG

Invalid configuration

MFASRVC.SERVICE_NOT_SUPPORTED

MFASRVC.PLUGIN_REGISTRY_NOT_REGISTERED

MFASRVC.BLACKLISTED_IPADDRESS_CONFIG_NOT_FOUND

Config not found

MFASRVC.BLACKLISTED_LOCATION_CONFIG_NOT_FOUND

Config not found

MFASRVC.IMPOSSIBLE_TRAVEL_CONFIG_NOT_FOUND

Config not found

MFASRVC.BREACHED_PASSWORD_CONFIG_NOT_FOUND

Config not found

MFASRVC.COUNTRY_CODE_MISMATCH_CONFIG_NOT_FOUND

Config not found

MFASRVC.SHORT_LIVED_DOMAIN_CONFIG_NOT_FOUND

Config not found

MFASRVC.USER_BEHAVIOUR_CONFIG_NOT_FOUND

Config not found

MFASRVC.MULTIPLE_DEVICE_TRUST_FOUND

Multiple config found

MFASRVC.COMMON_CREDENTIAL_DOWNLOAD_FAILED

WKFLSRVC.UNKNOWN

Please contact system Administrator

WKFLSRVC.WORKFLOW_NOT_FOUND

No workflow available

WKFLSRVC.INVALID_ARGUMENTS

Please check input and try again.

WKFLSRVC.INVALID_LEVEL

Workflow Config issue

WKFLSRVC.EXCEEDED_REPORTING_MANAGER

Can not more than reporting manager

WKFLSRVC.WORKFLOW_SETUP_NOT_FOUND

No workflow config available

WKFLSRVC.REQUESTOR_NOT_FOUND

Requestor not found in the system.

WKFLSRVC.WORKFLOW_IN_PROGESS

Request is pending for approval.

WKFLSRVC.REPORTING_MANAGER_NOT_FOUND

Please assign approver's manager to complete workflow.

WKFLSRVC.LEVEL_NOT_IN_RANGE

Workflow level is not in range.

WKFLSRVC.WORKFLOW_SETUP_ALREADY_EXISTS

Workflow setup already exists.

WKFLSRVC.COMMON_REQ_ASSG_ID

Self-approval is not allowed Please contact the administrator for the reassignment.

WKFLSRVC.SAME_REQUESTOR_ASSIGNEE

Workflow cannot be assigned to same user.

WKFLSRVC.WORKFLOW_ALREADY_EXISTS

Workflow with same name already exists.

WKFLSRVC.DAYS_THRESHOLD_EXCEED_EXCEPTION

Max allowed TAT is {maxAllowedDays} days

WKFLSRVC.DELEGATE_COMMON_REQ_ASSG_ID

Approver and assignee can't be same.

WKFLSRVC.APPLICATION_DECOMMISSIONED

This application is decommissioned so the request can not be approved/rejected please refresh the page.

SSOCONFIGSRVC.UNKNOWN

Error. Please try again.

SSOCONFIGSRVC.SSO_CONFIG_NOT_FOUND

SSO config not found.

SSOCONFIGSRVC.SAML_CONFIG_NOT_FOUND

Saml config not found.

SSOCONFIGSRVC.OPENID_CLIENT_NOT_FOUND

OpenID config not found.

SSOCONFIGSRVC.DUPLICATE_OPENID_CLIENT_ID

Duplicate OpenID Client ID.

SSOCONFIGSRVC.API_CONFIG_NOT_FOUND

API config not found.

SSOCONFIGSRVC.INVALID_ARGUMENTS

Invalid Arguments.

SSOCONFIGSRVC.INVALID_CIDR

Not all CIDR are valid

SSOCONFIGSRVC.UNSUPPORTED_FILE_TYPE

Unsupported File Type

SSOCONFIGSRVC.ERROR_GENERATING_KEYS

Failed to generate keys.

SSOCONFIGSRVC.CERTIFICATE_PARSING_ERROR

Failed to read certificate. Please try again.

SSOCONFIGSRVC.ERROR_DEACTIVATING_KEYS

Failed to deactivate key. Please try again.

SSOCONFIGSRVC.KEY_GENERATION_FAILED

Failed to generate keys.

SSOCONFIGSRVC.METADATA_GENERATION_FAILED

Could not generate Metadata.

SSOCONFIGSRVC.ALRAEDY_EXISTS

Configuration for same Entity ID already exists.

SSOCONFIGSRVC.KEYS_CANNOT_BE_DISABLED

Key is being used in IDP or SP

SSOCONFIGSRVC.KEY_DOES_NOT_EXISTS

No related key found

SSOCONFIGSRVC.IDENTITY_PROVIDER_IS_DISABLED

Identity Provider is disabled

SSOCONFIGSRVC.DUPLICATE_POLICY_MAPPING

Policy mapping already exists

SSOCONFIGSRVC.USER_DOES_NOT_HAVE_ACCESS

User does not have access

SSOCONFIGSRVC.KEYS_IS_DISABLED

Keys Disabled

SSOCONFIGSRVC.IDENTITY_PROVIDER_DOES_NOT_EXISTS

Identity Provider does not exist

SSOCONFIGSRVC.IDENTITY_PROVIDER_KEY_IS_DISABLED

Identity Provider key disabled

SSOCONFIGSRVC.SERVICE_PROVIDER_IS_DISABLED

Service Provider disabled

SSOCONFIGSRVC.IDENTITY_PROVIDER_ALREADY_ENABLED

Identity Provider already enabled

SSOCONFIGSRVC.IDENTITY_PROVIDER_CANNOT_BE_DISABLED

Identity Provider can not be disabled

SSOCONFIGSRVC.KEYS_ALREADY_EXISTS

Keys already exists

SSOCONFIGSRVC.KEY_MINIMUM_EXPIRATION

Key Minimum expiration

SSOCONFIGSRVC.SERVICE_PROVIDER_ENABLED

Service provider enabled

SSOCONFIGSRVC.SERVICE_PROVIDER_DISABLED

Service provider disabled

SSOCONFIGSRVC.KEY_IS_BEING_USED

Key already used

SSOCONFIGSRVC.SERVICE_PROVIDER_CANNOT_BE_UPDATED

Service provider can not be updated

SSOCONFIGSRVC.SERVICE_PROVIDER_IS_BEING_USED

Service provider is being used

SSOCONFIGSRVC.INVALID_SAML_CONFIG

invalid saml configuration

SSOCONFIGSRVC.NOT_FOUND

SSO cofiguration not found

SSOCONFIGSRVC.CONNECTION_FAILED

SSO configuration connection failed

SSOCONFIGSRVC.FORBIDDEN

SSO configuration forbidden

SSOCONFIGSRVC.UNAUTHORIZED

SSO configuration unauthorized

SSOCONFIGSRVC.CERTIFICATE_EXPIRED

SSO configuration certificate is expired

SSOCONFIGSRVC.SAML_APP_CONFIG_NOT_FOUND

SSO configuration saml application configuration not found

SSOCONFIGSRVC.SAML_ATTR_CONFIG_NOT_FOUND

SSO configuration saml attribute configuration not found

SSOCONFIGSRVC.OPENID_SCOPE_NOT_FOUND

SSO configuration openid scope not found

SSOCONFIGSRVC.OPENID_CLAIM_NOT_FOUND

SSO configuration openid claim not found

SSOCONFIGSRVC.APPLICATION_NOT_FOUND

SSO configuration application not found

SSOCONFIGSRVC.DUPLICATE_POLICYATTRIBUTE

SSO configuration policy attribute is duplicate

SSOCONFIGSRVC.INVALID_POLICYATTRIBUTE_ID

SSO configuration policy attribute is invalid

SSOCONFIGSRVC.INAVLID_POLICYATTRIBUTE_APPLICATION

SSO configuration policy attribute application is invalid

SSOCONFIGSRVC.MANDATORY_ENTRY

SSO configuration policy field is mandatory

SSOCONFIGSRVC.INVALID_POLICY_MAP

SSO configuration policy map is invalid

SSOCONFIGSRVC.NO_MAPPING_FOUND

SSO configuration mapping is not found

SSOCONFIGSRVC.IDENTITY_PROVIDER_DOES_EXISTS

SSO configuration identity provider does not exist

SSOCONFIGSRVC.MULTIPLE_IDENTITY_PROVIDER_EXISTS

SSO configuration multiple identity provider exists

SSOCONFIGSRVC.SERVICE_PROVIDER_EXISTS

SSO configuration service provider already exists

SSOCONFIGSRVC.SERVICE_PROVIDER_DOES_NOT_EXISTS

Service provider does not exist

SSOCONFIGSRVC.DOMAIN_EXISTS

Domain doesn't exists

SAMLSRVC.KEY_DOES_NOT_EXISTS

Key doesn't exists

SAMLSRVC.INVALID_COOKIE

Invalid session. Re-login and try again

SAMLSRVC.IDENTITY_PROVIDER_IS_DISABLED

Identity Provider is disabled

SAMLSRVC.EXPIRED_TOKEN

Session Expired. Please re-login and try again

SAMLSRVC.KEYS_IS_DISABLED

Key is disabled

SAMLSRVC.KEYS_IS_EXPIRED

Key is expired

SAMLSRVC.KEYS_NOT_GENERATED

Public and private key is not generated

SAMLSRVC.SAML_TYPE_NOT_APPLICABLE

SAML type configured and SAML type received mismatched

SAMLSRVC.NAMEID_MISMATCH

SAML nameId configured and nameId received mismatched

SAMLSRVC.INVALID_SAML2_AUTHN_REQUEST_SIGNATURE

SAML authentication request signature is invalid

SAMLSRVC.ISSUE_INSTANT_MISMATCH

SAML authentication response is invalid with issue instant

SAMLSRVC.MESSAGE_REPLAY

SAML message is being sent again

SAMLSRVC.DESITNATION_MISMATCH

SAML destination configured and received mismatched

SAMLSRVC.VERSION_MISMATCH

SAML version does not match

SAMLSRVC.PROTOCOL_BINDING_MISMATCH

SAML protocol binding does not match

SAMLSRVC.REQUEST_ISSUER_URI_MISMATCH

SAML request issuer uri does not match

SAMLSRVC.ASSERTION_CONSUMER_SERVICE_URI_MISMATCH

SAML request assertion consumer service uri does not match

SAMLSRVC.INVALID_USER_SESSION

SAML user session is invalid

SAMLSRVC.USER_DOES_NOT_HAVE_ACCESS

User does not have access

SAMLSRVC.IDENTITY_PROVIDER_DOES_NOT_EXISTS

Identity Provider does not exist

SAMLSRVC.IDENTITY_PROVIDER_KEY_IS_DISABLED

Identity Provider key is disabled

SAMLSRVC.SERVICE_PROVIDER_IS_DISABLED

Service Provider is disabled

UTILSRVC.UNKNOWN

Error. Please try again.

UTILSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

UTILSRVC.CONFIGURATION_EXIST

Hook already present.

UTILSRVC.ALREADY_EXISTS

Hook already present.

UTILSRVC.META_ATTRIBUTE_EXISTS

Name/Key or Value already exist.

UTILSRVC.MODULES_ENQUIRY_EXIST

Sales team is working on your request. We will get back to you soon.

UTILSRVC.LABEL_ALREADY_EXIST

Label Already Exists

UTILSRVC.EVENT_ALREADY_EXIST

Event Already Exists

UTILSRVC.BEHALF_CONFIG_NOT_FOUND

On Behalf configuration is not found.

UTILSRVC.MULTIPLE_BEHALF_CONFIG_FOUND

Multiple Behalf configurations found.

UTILSRVC.LENGTH_EXCEED_EXCEPTION

Length exceeded

UTILSRVC.SCRIPT_CUSTOM_ERROR-MOBILEALREADYEXIST

Mobile number already in use Try again with another number.

UTILSRVC.SCRIPT_CUSTOM_ERROR-EMAILALREADYEXIST

Email already in use Try again with another email.

USRSRVC.FORM_NOT_FOUND

Form not found

UTILSRVC.WEBHOOK_CALL_FAILED

Webhook test failed.

UTILSRVC.BATCH_TASK_EXECUTION_FAILED

Batch process execution failed.

UTILSRVC.BATCH_TASK_ALREADY_EXIST

Batch task already exists.

PROVSRVC.UNKNOWN

Error. Please try again later or contact Cymmetri Administrator.

PROVSRVC.USER_NOT_FOUND

User not found.

PROVSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

PROVSRVC.APPLICATION_NOT_FOUND

Application not found. Please try again.

PROVSRVC.INVALID_USER_ACTION

User action not allowed. Please check configuration.

PROVSRVC.INVALID_GROUP_ACTION

Group action not allowed. Please check configuration.

PROVSRVC.INVALID_ROLE_ACTION

Role action not allowed. Please check configuration.

PROVSRVC.INAVLID_ACTION

Error. Please try again.

PROVSRVC.UID_NOT_FOUND

Record not found. Please try again.

PROVSRVC.Empty_Role_Id

Role not provided. Please try again.

PROVSRVC.Duplicate_GroupID

Duplicate Group association.

PROVSRVC.Invalid_GroupId

Invalid Group association.

PROVSRVC.CONNECTOR_NOT_FOUND

Connector not available. Please contact Cymmetri administrator.

PROVSRVC.UNSUPPORTED_OPERATION

Operation not supported.

PROVSRVC.APPLICATION_ALREADY_EXISTS

Application already exists.

PROVSRVC.INVALID_POLICYATTRIBUTE_ID

Invalid Policy configuration. Please try again.

PROVSRVC.DUPLICATE_POLICYATTRIBUTE

Duplicate Policy attribute selected.

PROVSRVC.INVALID_POLICY_MAP

Invalid Policy map.

PROVSRVC.INVALID_MASTER_AAPPLICATION_Id

Invalid master application reference.

PROVSRVC.NO_MAPPING_FOUND

Policy map not found.

PROVSRVC.DUPLICATE_POLICY_MAPPING

Duplicate Policy mapping.

PROVSRVC.INAVLID_POLICYATTRIBUTE_APPLICATION

Invalid Policy association. Please try again.

PROVSRVC.PROVISIONING_NOT_ENABLE

Provisioning not enable

PROVSRVC.DUPLICATE_ROLE

Role ID in use. Please try again.

PROVSRVC.DUPPLICATE_NAME

Name already in use.

PROVSRVC.IDENTITY_ALREADY_EXISTS_EXCEPTION

User principle is already checked Please reset and try again.

PROVSRVC.IDENTITY_NOT_CHECKED_EXCEPTION

At least one user principle should be checked.

RULESRVC.UNKNOWN

Error. Please try again.

RULESRVC.RULE_NOT_FOUND

Rule not found.

RULESRVC.RULE_CONDITION_NOT_FOUND

Rule condition not found.

RULESRVC.RULE_ACTION_GROUP_NOT_FOUND

No group associated with rule. Please try again.

RULESRVC.NON_REMOVABLE_REFERENCED_ENTITY

Cannot be modified as entity in use.

RULESRVC.ALRAEDY_EXISTS

Rule with same name already exists.

RULESRVC.RULE_CONFIGURE_ALREADY_EXIST

Rule with same condition configuration already exists.

RULESRVC.MULTIPLE_ZONES_FOUND

Multiple zones found.

RULESRVC.ZONE_NOT_FOUND

Zone not found.

RULESRVC.INVALID_ARGUMENTS

Please correct the input and try again.

RULESRVC.DEFAULT_RULE_NOT_FOUND

Default rule not found.

IGSRVC.UNKNOWN

Error. Please try again.

IGSRVC.INVALID_JWT

Error. Invalid JWT token.

IGSRVC.CAMPAIGN_COMPLETION_PERIOD_EXCEED

Error. Campaign Completion Period Exceeded.

IGSRVC.CAMPAIGN_STAGE_NOT_FOUND

Error. Campaign Stage Not Found.

IGSRVC.CAMPAIGN_SCOPE_NOT_FOUND

Error. Campaign Scope Not Found.

IGSRVC.CAMPAIGN_ALREADY_IN_DRAFT_STATE

Error. Campaign Already In Draft State.

IGSRVC.CAMPAIGN_ALREADY_IN_PUBLISHED_STATE

Error. Campaign Already In Published State.

IGSRVC.CAMPAIGN_EXECUTION_IN_PROGRESS

Error. Campaign Execution in Progress.

IGSRVC.CAMPAIGN_ASSIGNMENT_NOT_FOUND

Error. Campaign Assignment Not Found.

IGSRVC.CAMPAIGN_HISTORY_NOT_FOUND

Error. Campaign History Not Found.

IGSRVC.UNABLE_TO_PROCESS_RESPONSE

Error. Unable To Process Response.

IGSRVC.CAMPAIGN_ASSIGNMENT_APPLICATION_NOT_FOUND

Error. Campaign Assignment Application Not Found.

IGSRVC.CAMPAIGN_ASSIGNMENT_APPLICATION_ROLE_NOT_FOUND

Error. Campaign Assignment Application Role Not Found.

IGSRVC.APP_ROLE_ALREADY_PROCEED

Error. App Role Already Proceeded.

IGSRVC.INACTIVE_USER_FOUND

Error. Inactive User Found.

IGSRVC.NO_ACTIVE_EXECUTION_FOUND

Error. No Active Execution Found.

IGSRVC.INVALID_CRON_EXPRESSION

Error. Invalid Cron Expression.

IGSRVC.DUPLICATE_CAMPAIGNNAME

Error. Duplicate Campaign Name.

IGSRVC.CAMPAIGN_NOT_FOUND

Campaign not found.

IGSRVC.INVALID_ARGUMENTS

Error. Please correct input and try again.

IGSRVC.CAMPAIGN_STATE_STARTED

Error. Campaign State Already Started.

IGSRVC.STAGE_LIMIT_EXCEED

Error. Stage Limit Exceeded.

IGSRVC.DUPLICATE_STAGE

Error. Duplicate Stage.

IGSRVC.ASSIGNMENT_ALREADY_PROCEED

Error. Assignment Already Proceeded.

IGSRVC.INVALID_CAMPAIGN_ITERATION

Invalid Campaign Iteration.

IGSRVC.INVALID_CAMPAIGN_MANAGER_ASSIGNEE

Campaign manager or assignee configured in stages are not valid.

IGSRVC.INVALID_CAMPAIGN_STATUS

Campaign execution in progress operation not allowed.

IGSRVC.USER_WITH_NO_VALID_APPLICATION

No valid assignments found aborted execution.

IGSRVC.CONNECTION_FAILED

Please check your internet connection.

IGSRVC.ALRAEDY_EXISTS

Record already exists.

IGSRVC.FORBIDDEN

Please contact system administrator.

IGSRVC.UNAUTHORIZED

Please contact system administrator.

IGPROCESS.UNKNOWN

Error. Please try again.

IGPROCESS.INVALID_ARGUMENTS

Error. Please correct input and try again.

IGPROCESS.CAMPAIGN_NOT_FOUND

Error. Campaign Not Found.

IGPROCESS.NO_ACTIVE_EXECUTION_FOUND

Error. No Active Execution Found.

IGPROCESS.CAMPAIGN_HISTORY_NOT_FOUND

Error. Campaign History Not Found.

IGPROCESS.INVALID_CAMPAIGN_ITERATION

Error. Invalid Campaign Iteration.

IGPROCESS.CAMPAIGN_EXECUTION_IN_PROGRESS

Error. Campaign Execution In Progress.

IGPROCESS.MATCHING_ASSIGNMENTS_NOT_FOUND

Error. Matching Assignments Not Found.

SCHEDULER.UNKNOWN

Error. Please try again.

SCHEDULER.TASK_NOT_FOUND

Error. Task Not Found.

SCHEDULER.TASK_NOT_ACTIVE

Error. Task Not Active.

SCHEDULER.INVALID_ARGUMENTS

Error. Please correct input and try again.

SCHEDULER.INVALID_START_DATE

Error. Invalid Start Date.

SCHEDULER.TENANT_NOT_FOUND

Error. Tenant Not Found.

SCHEDULER.UPDATE_NOT_SUPPORTED

Error. Update Is Not Supported.

SCHEDULER.CRON_REPETITION_BELOW_ALLOWED_LIMIT

Error. Cron Repetition Is Below Allowed Limit.

SCHEDULER.INVALID_CRON_EXPRESSION

Invalid Cron Expression.

SODSRVC.ALREADY_EXISTS

Error. Value Already Exists.

SODSRVC.INVALID_ARGUMENTS

Error. Please correct the input and try again.

SAMLEXTIDPCONFIGSRVC.UNKNOWN

Error. Please try again.

SAMLEXTIDPCONFIGSRVC.IDENTITY_PROVIDER_WITH_NAME_EXISTS

Idenity Provider with same name already exist. Please enter unique name.

SAMLEXTIDPCONFIGSRVC.SERVICE_PROVIDER_WITH_NAME_EXISTS

Service Provider with same name already exists.

SAMLEXTIDPCONFIGSRVC.NON_REMOVABLE_REFERENCED_ENTITY

Cannot modify or remove service provider till active under external identity policy or rule.

SAMLEXTIDPCONFIGSRVC.INVALID_ARGUMENTS

Please correct the input and try again.

SAMLEXTIDPCONFIGSRVC.CERTIFICATE_PARSING_ERROR

Error occurred while parsing certificate.

SAMLEXTIDPCONFIGSRVC.AUTH_TYPE_CANNOT_BE_UPDATED

Identity provider type cannot be updated.

SAMLEXTIDPCONFIGSRVC.CONNECTION_FAILED

Please check your internet connection.

SAMLEXTIDPCONFIGSRVC.IDP_CONFIGURATION_NOT_FOUND

Identity provider configuration not found.

SAMLEXTIDPCONFIGSRVC.MULTIPLE_IDP_CONFIGURATION_FOUND

Multiple identity provider configuration found.

SAMLEXTIDPCONFIGSRVC.NAME_ID_POLICY_NAME_ID_VALUE_MISMATCH

NameIdPolicy and NameIdValue does not match.

SAMLEXTIDPCONFIGSRVC.SP_CONFIGURATION_NOT_FOUND

Service provider configuration not found.

SAMLEXTIDPCONFIGSRVC.UNAUTHORIZED

Please contact system administrator.

SAMLEXTIDPCONFIGSRVC.SERVICE_PROVIDER_NOT_FOUND

Service provider not found.

SAMLEXTIDPCONFIGSRVC.CERTIFICATE_NOT_FOUND

Certificate not found.

SAMLEXTIDPCONFIGSRVC.EAMIL_EXISTS

Email already exists.

SAMLEXTIDPCONFIGSRVC.CUSTOM_IDENTITY_TYPE_MUST_HAVE_ID

Custom identity type must have ID.

SAMLEXTIDPCONFIGSRVC.INACTIVE_CONFIGURATION_FOUND

Inactive configuration found.

SAMLEXTIDPCONFIGSRVC.INVALID_IDP_CONFIGURED

Invalid IDP configured.

SAMLEXTIDPCONFIGSRVC.NO_MAPPING_FOUND

No mapping found.

SAMLEXTIDPCONFIGSRVC.INVALID_POLICY_MAPPING

Invalid policy mapping.

SAMLEXTIDPCONFIGSRVC.POLICY_MAP_REQUIRED_FIELD_NOT_FOUND

Policy map required field not found.

SAMLEXTIDPCONFIGSRVC.MANDATORY_FIELD_EXCEPTION

Mandatory field exception.

SAMLEXTIDPCONFIGSRVC.MAPPING_ALREADY_EXISTS

Mapping already exists.

SAMLEXTIDPCONFIGSRVC.JIT_CONFIGURATION_NOT_FOUND

JIT configuration not found.

USRSRVC.INVALID_EXTENSION_ENDDATE

Extended end date should be less than current access end date.

MFASRVC.SMS_OTP_EXPIRED

SMS OTP expired.

MFASRVC.SHORT_ANSWER_LENGTH

Answer length is short.

MFASRVC.DEVICE_INFO_NOT_FOUND

Please scan the QR code.

AUTHSRVC.USER_LOCKED

User locked. Please Unlock your Account.

AUTHSRVC.EMAIL_NOT_FOUND

Email not found.

AUTHSRVC.INVALID_USER_ACCOUNT_STATE

Your account is expired/inactive. Please contact Cymmetri Administrator

AUTHSRVC.INVALID_DATE

Start/End date should be greater than current date and time.

AUTHSRVC.DELEGATE_CONSENT_NOT_FOUND

Error. Delegate consent not found.

AUTHSRVC.DELEGATE_USER_NOT_FOUND

Error. User doesn't have delegation access.

AUTHSRVC.NO_OPTION_AVAILABLE

Please contact Cymmetri Administrator for Password Reset.

AUTHSRVC.DELEGATION_DEACTIVATE

Error. Delegation is inactive.

AUTHSRVC.PASSWORD_EXPIRED

Your password has expired Please reset your password.

PROVSRVC.UNSUPPORTED_DELEGETE_MFA_SETUP

Delegatee can't setup MFA for application having additional authentication

PAMSRVC.UNSUPPORTED_DELEGETE_MFA_SETUP

Delegatee can't setup MFA for application having additional authentication

SLFSRVC.EXISITNG_APP_IN_TAG_FOUND

Application already available in tag.

AD-ADAPTER.FAILED_TO_PWD_CHANGE

Password change failed.

AUTHSRVC.INVALID_CONFIG

Invalid config for authentication policy or rule

PROVSRVC.UNAUTHORIZED

Unauthorized access.

REGSRVC.UNAUTHORIZED

Unauthorized access.

MFASRVC.INVALID_MFA_OTP_CONFIG

Invalid Otp config please contact admin

MFASRVC.EMAIL_NOT_FOUND

Email not registered please contact admin

MFASRVC.MOBILE_NOT_FOUND

Mobile not registered please contact admin

MFASRVC.EMAIL_MOBILE_NOT_FOUND

Mobile or email not registered please contact admin

MFASRVC.LARGE_ANSWER_LENGTH

Maximum answer lenght exceeded try with shorter length answer

SLFSRVC.EXISITNG_USER_TAG_FOUND

Tag with same name already exists

SLFSRVC.IMAGE_MAXSIZE_EXCEEDED

Maximum limit for file size exceeded.

SLFSRVC.IMAGE_TYPE_NOTALLOWED

Image Type not allowed

SLFSRVC.INVALID_ARGUMENTS

Invalid Arguments

REPORT.EMAIL_NOT_EXISTS_EXCEPTION

User Email Not Found. Please contact cymmetri administrator.

REPORT.CONNECTION_FAILED

Failed to send report.

SOME_ERROR_OCCURRED_WORKING_ON_IT

Please contact cymmetri administrator.

INVALID_IDENTITY_PROVIDER_STATUS

Invalid Identity Provider Status. Please contact cymmetri administrator.

INVALID_ARGUMENTS

Please correct Input and try again. Please contact cymmetri administrator.

INVALID_SERVICE_PROVIDER_STATUS

Invalid Service Provider Status. Please contact cymmetri administrator.

MANDATORY_FIELD_EXCEPTION

Mandatory Field is Missing. Please contact cymmetri administrator.

TENANT_OR_HOST_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

TENANT_OR_HOST_PROTO_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SOME_IMPERSONATE_ACCESS

Unauthorized Access. Please contact cymmetri administrator.

SERVICE_PROVIDER_INBOUND_MESSAGE_ERROR

Invalid SAML Message Received. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_VERSION

Invalid SAML Response Assertion version. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ISSUE_INSTANT

Invalid SAML Response Issue. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_STATUS

Invalid SAML Response Status. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_STATUS_REQUESTER_URI

Invalid SAML Response Status Requester URI. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_STATUS_RESPONDER_URI

Invalid SAML Response Status Response URI. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_STATUS_VERSION_MISMATCH_URL

Invalid SAML Response Status Version Mismatch URI. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE

Invalid SAML Response. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_DESTINATION

Invalid SAML Response Destination. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_VERSION_OR_ASSERTION_VERSION

Invalid SAML Response Version or Assertion Version. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_SUBJECT

Invalid SAML Response Assertion Subject. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_SUBJECT_NAMEID

Invalid SAML Response Assertion Subject NameId. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_ISSUER

Invalid SAML Response Assertion Issuer. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_CONDITION_AUDIENCE

Invalid SAML Response Assertion Condition Audience. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_AUTHNSTATEMENT

Invalid SAML Response Assertion AuthNStatement. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_ATTRIBUTE

Invalid SAML Response Assertion Attribute. Please contact cymmetri administrator.

MULTIPLE_ASSERTIONS_IN_RESPONSE_NOT_SUPPORTED

Multiple Assertion in Response Not Supported. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_SIGNATURE

Invalid SAML Response Assertion Signature. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_SIGNATURE

Invalid SAML Response Signature. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION_CONDITION

Invalid SAML Response Assertion Condition. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ASSERTION

Invalid SAML Response Assertion. Please contact cymmetri administrator.

INVALID_SAML_RESPONSE_ISSUER

Invalid SAML Response Issuer. Please contact cymmetri administrator.

IDP_CONFIGURATION_NOT_FOUND

Idp Configuration Not Found. Please contact cymmetri administrator.

SP_ID_IDP_ID_LOGIN_EMPTY

Service provider or identity provider login not provided. Please contact cymmetri administrator.

SERVICE_PROVIDER_CONFIGURATION_NOT_FOUND

Service Provider Configuration Not Found. Please contact cymmetri administrator.

ERROR_BUILDING_SAML_AUTHN_REQUEST

Failed To Build SAML Authentication Request. Please contact cymmetri administrator.

ERROR_PERSISTING_SAML_AUTHN_REQUEST

Failed To Persist SAML Authentication Request. Please contact cymmetri administrator.

ERROR_SENDING_SAML_AUTHN_REQUEST

Failed to Send SAML Authentication Request. Please contact cymmetri administrator.

USER_EMAIL_ADDRESS_NOT_PRESENT

User Email Not Found. Please contact cymmetri administrator.

USER_LOGIN_NOT_PRESENT

User Login Not Found. Please contact cymmetri administrator.

EMAIL_ADDRESS_DOES_NOT_MATCH

Email Address does not matching. Please contact cymmetri administrator.

LOGIN_DOES_NOT_MATCH

USER_NOT_AVAILABLE

User is not present. Please contact cymmetri administrator.

SERVICE_PROVIDER_NOT_FOUND

Service provider is not found. Please contact cymmetri administrator.

UNAUTHORIZED_ACCESS

Unauthorized Access. Please contact cymmetri administrator.

UNAUTHORIZED

Unauthorized Access. Please contact cymmetri administrator.

USER_NOT_FOUND

User Not found. Please contact cymmetri administrator.

DATA_NOT_PRESENT

Application configuration does not exist. Please contact cymmetri administrator.

ARGUMENT_IS_REQUIRED

Please correct Input and try again. Please contact cymmetri administrator.

APPLICATION_CONFIG_EXISTS

Application Configuration already exists. Please contact cymmetri administrator.

APPLICATION_CONFIG_NOT_PRESENT

Application configuration does not exists. Please contact cymmetri administrator.

INVALID_TOKEN

Invalid token Please contact cymmetri administrator.

TENANT_NOT_FOUND

Tenant detail not availaible. Please contact cymmetri administrator.

INVALID_APPLICATION_ID

Invalid application id. Please contact cymmetri administrator.

APPLICATION_WITH_ISSUER_NOT_FOUND

Application configuration with issuer not found. Please contact cymmetri administrator.

EXCEPTION_OCCURED_WITH_TENANT_JKS

Please contact cymmetri administrator.

EXCEPTION_OCCURED_WITH_TENANT_JKS_KEY_GENERATE

Please contact cymmetri administrator.

APPLICATION_NOT_ASSIGNED_TO_USER

Application is not assigned to the user. Please contact cymmetri administrator.

USER_NOT_ASSIGNED_SERVICE_PROVIDER_ERROR

User is not assigned to the service provider. Please contact cymmetri administrator.

SOMETHING_WENT_WRONG

Please contact cymmetri administrator.

SERVICE_PROVIDER_NAMEIDVALUE_MISMATCH_ERROR

Service provider nameId value does not match with configured application. Please contact cymmetri administrator.

SERVICE_PROVIDER_NAMEID_MISMATCH_ERROR

Service provider nameId value does not match with configured application. Please contact cymmetri administrator.

TENANT_HOST_NOT_FOUND

Please contact cymmetri administrator.

APPLICATION_CONFIG_NOT_FOUND

Application Configuration not found. Please contact cymmetri administrator.

SAMLREQUEST_NOT_PRESENT_IN_REQUEST

SAML Request is not present in Request. Please contact cymmetri administrator.

CONFIGURED_REQUEST_ISSUER_AND_SAML_REQUEST_NOT_ISSUER_NOT_MATCH

Application issuer Configuration does not match. Please contact cymmetri administrator.

INVALID_REQUEST_ISSUER

Invalid Request Issuer. Please contact cymmetri administrator.

IDENTITY_TOKEN_SAML_REQUEST_NOT_FOUND

Invalid Identity SAML Request Token. Please contact cymmetri administrator.

IDENTITY_REFRESH_SAML_REQUEST_NOT_FOUND

Invalid Refresh SAML Request Token. Please contact cymmetri administrator.

USER_NOT_ASSIGNED_TO_APPLICATION

User is not associated with the application. Please contact cymmetri administrator.

SSO_ERROR_SENDING_SAML_RESPONSE

Error Sending SAML Response. Please contact cymmetri administrator.

SSO_CONFIG_NOT_FOUND_APPLICATION_ID

SSO configuration not found for application. Please contact cymmetri administrator.

SSO_USER_NOT_FOUND

SSO user found for application. Please contact cymmetri administrator.

INTERNAL_SERVER_ERROR

Please contact cymmetri administrator.

IDP_SSO_JKS_MANAGER_FAILED

Please contact cymmetri administrator.

IDP_SSO_CUSTOM_JKS_FAILED

Please contact cymmetri administrator.

IDP_SSO_FAILED

SSO failed for identity provider. Please contact cymmetri administrator.

SERVICE_PROVIDER_SESSION_NOT_FOUND

Service provider session not availaible. Please contact cymmetri administrator.

INVALID_SP_INITIATED_REQUEST

Invalid service provider request. Please contact cymmetri administrator.

ERROR_PARSING_SAML_SLO

Error validating saml slo request. Please contact cymmetri administrator.

SERVICE_PROVIDER_ERROR

Failed with service provider. Please contact cymmetri administrator.

EXPIRED_REFRESH_TOKEN

Refresh token is expired. Please contact cymmetri administrator.

INVALID_REFRESH_TOKEN

Invalid refresh token. Please contact cymmetri administrator.

EMPTY_REFRESH_TOKEN

Empty refresh token. Please contact cymmetri administrator.

REFRESH_TOKEN_COOKIE_NOT_PRESENT

Refresh token cookie not present. Please contact cymmetri administrator.

APPLICATION_ID_NOT_PRESENT_IN_CONFIG

Application id not present. Please contact cymmetri administrator.

APPLICATION_ID_NOT_PRESENT_IN_REQUEST

Application id is not present in request Please contact cymmetri administrator.

EXPIRED_SSO_IDENTITY_TOKEN

SSO identity token is expired. Please contact cymmetri administrator.

EMPTY_SSO_IDENTITY_TOKEN

SSO identity token is invalid. Please contact cymmetri administrator.

REQUEST_ISSUER_FROM_SAML_REQUEST_NOT_PRESNETTITY_TOKEN

Request issuer is not present in saml request. Please contact cymmetri administrator.

INVALID_SSO_IDENTITY_TOKEN

Invalid SSO identity token. Please contact cymmetri administrator.

IDP_SLO_FAILED

Identity provider single logout failed. Please contact cymmetri administrator.

BUILD_SLO_REQUEST_FAILED

Build to failed single logout request. Please contact cymmetri administrator.

SLO_REQUEST_SEND_FAILED

Failed to send single logout request. Please contact cymmetri administrator.

SLO_RESPONSE_SEND_FAILED

Failed to send single logout response. Please contact cymmetri administrator.

ERROR_PERSISTING_SLO_REQUEST

Failed to persist single logout request. Please contact cymmetri administrator.

SLO_RESPONSE_SAML_ATTRIBUTE_VALIDATION_FAILED

Failed to validate single logout response attribute. Please contact cymmetri administrator.

INVALID_SAML_SLO_RESPONSE

Invalid saml single logout response. Please contact cymmetri administrator.

INVALID_SAML_SLO_MESSAGE

Invalid saml single logout message. Please contact cymmetri administrator.

SLO_REQUEST_VALIDATION_FAILED

Failed to validate single logout request. Please contact cymmetri administrator.

SLO_RESPONSE_VALIDATION_FAILED

Failed to validate single logout response. Please contact cymmetri administrator.

REMOVE_USER_BEFORE_APPLICATION

Users should get removed before removing the application.

PROVSRVC.REMOVE_USER_BEFORE_APPLICATION

Users should get removed before removing the application.

PAMSRVC.INVALID_ARGUMENTS

AD Parameter not found

PAMSRVC.IMPORT_DATA_TO_CSV_FILE_FAILED

CSV file not generated

PAMSRVC.UPDATE_AD_USER_PASSWORD_FAILED

Password update fail

PAMSRVC.VAULT_USER_ALREADY_AVAILABLE

Vault user already exist

PAMSRVC.BREAK_GLASS_NOT_FOUND

Break Glass Configuration Not Found

PAMSRVC.SERVER_ALREADY_EXISTS

Device Already Exists

DORMANCY_DISABLE_DAYS_EXCEEDED

Config days exceeded

PAMSRVC.DORMANCY_DISABLE_DAYS_EXCEEDED

Config days exceeded

SAMLSPSRVC.SOME_ERROR_OCCURRED_WORKING_ON_IT

Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_IDENTITY_PROVIDER_STATUS

Invalid Identity Provider Status. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_ARGUMENTS

Please correct Input and try again. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SERVICE_PROVIDER_STATUS

Invalid Service Provider Status. Please contact cymmetri administrator.

SAMLSPSRVC.MANDATORY_FIELD_EXCEPTION

Mandatory Field is Missing. Please contact cymmetri administrator.

SAMLSPSRVC.TENANT_OR_HOST_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SAMLSPSRVC.TENANT_OR_HOST_PROTO_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SAMLSPSRVC.SOME_IMPERSONATE_ACCESS

Unauthorized Access. Please contact cymmetri administrator.

SAMLSPSRVC.SERVICE_PROVIDER_INBOUND_MESSAGE_ERROR

Invalid SAML Message Received. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_VERSION

Invalid SAML Response Assertion version. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ISSUE_INSTANT

Invalid SAML Response Issue. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_STATUS

Invalid SAML Response Status. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_STATUS_REQUESTER_URI

Invalid SAML Response Status Requester URI. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_STATUS_RESPONDER_URI

Invalid SAML Response Status Response URI. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_STATUS_VERSION_MISMATCH_URL

Invalid SAML Response Status Version Mismatch URI. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE

Invalid SAML Response. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_DESTINATION

Invalid SAML Response Destination. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_VERSION_OR_ASSERTION_VERSION

Invalid SAML Response Version or Assertion Version. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_SUBJECT

Invalid SAML Response Assertion Subject. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_SUBJECT_NAMEID

Invalid SAML Response Assertion Subject NameId. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_ISSUER

Invalid SAML Response Assertion Issuer. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_CONDITION_AUDIENCE

Invalid SAML Response Assertion Condition Audience. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_AUTHNSTATEMENT

Invalid SAML Response Assertion AuthNStatement. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_ATTRIBUTE

Invalid SAML Response Assertion Attribute. Please contact cymmetri administrator.

SAMLSPSRVC.MULTIPLE_ASSERTIONS_IN_RESPONSE_NOT_SUPPORTED

Multiple Assertion in Response Not Supported. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_SIGNATURE

Invalid SAML Response Assertion Signature. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_SIGNATURE

Invalid SAML Response Signature. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION_CONDITION

Invalid SAML Response Assertion Condition. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ASSERTION

Invalid SAML Response Assertion. Please contact cymmetri administrator.

SAMLSPSRVC.INVALID_SAML_RESPONSE_ISSUER

Invalid SAML Response Issuer. Please contact cymmetri administrator.

SAMLSPSRVC.IDP_CONFIGURATION_NOT_FOUND

Idp Configuration Not Found. Please contact cymmetri administrator.

SAMLSPSRVC.SP_ID_IDP_ID_LOGIN_EMPTY

Service provider or identity provider login not provided. Please contact cymmetri administrator.

SAMLSPSRVC.SERVICE_PROVIDER_CONFIGURATION_NOT_FOUND

Service Provider Configuration Not Found. Please contact cymmetri administrator.

SAMLSPSRVC.ERROR_BUILDING_SAML_AUTHN_REQUEST

Failed To Build SAML Authentication Request. Please contact cymmetri administrator.

SAMLSPSRVC.ERROR_PERSISTING_SAML_AUTHN_REQUEST

Failed To Persist SAML Authentication Request. Please contact cymmetri administrator.

SAMLSPSRVC.ERROR_SENDING_SAML_AUTHN_REQUEST

Failed to Send SAML Authentication Request. Please contact cymmetri administrator.

SAMLSPSRVC.USER_EMAIL_ADDRESS_NOT_PRESENT

User Email Not Found. Please contact cymmetri administrator.

SAMLSPSRVC.USER_LOGIN_NOT_PRESENT

User Login Not Found. Please contact cymmetri administrator.

SAMLSPSRVC.EMAIL_ADDRESS_DOES_NOT_MATCH

Email Address does not matching. Please contact cymmetri administrator.

SAMLSPSRVC.LOGIN_DOES_NOT_MATCH

SAMLSPSRVC.USER_NOT_AVAILABLE

User is not present. Please contact cymmetri administrator.

SAMLSPSRVC.SERVICE_PROVIDER_NOT_FOUND

Service provider is not found. Please contact cymmetri administrator.

SAMLSPSRVC.UNAUTHORIZED_ACCESS

Unauthorized Access. Please contact cymmetri administrator.

SAMLSPSRVC.UNAUTHORIZED

Unauthorized Access. Please contact cymmetri administrator.

SAMLSPSRVC.USER_NOT_FOUND

User Not found. Please contact cymmetri administrator.

SAMLSRVC.SOME_ERROR_OCCURRED_WORKING_ON_IT

Please contact cymmetri administrator.

SAMLSRVC.DATA_NOT_PRESENT

Application configuration does not exist. Please contact cymmetri administrator.

SAMLSRVC.ARGUMENT_IS_REQUIRED

Please correct Input and try again. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_CONFIG_EXISTS

Application Configuration already exists. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_CONFIG_NOT_PRESENT

Application configuration does not exists. Please contact cymmetri administrator.

SAMLSRVC.INVALID_TOKEN

Invalid token Please contact cymmetri administrator.

SAMLSRVC.TENANT_NOT_FOUND

Tenant detail not availaible. Please contact cymmetri administrator.

SAMLSRVC.INVALID_APPLICATION_ID

Invalid application id. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_WITH_ISSUER_NOT_FOUND

Application configuration with issuer not found. Please contact cymmetri administrator.

SAMLSRVC.EXCEPTION_OCCURED_WITH_TENANT_JKS

Please contact cymmetri administrator.

SAMLSRVC.EXCEPTION_OCCURED_WITH_TENANT_JKS_KEY_GENERATE

Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_NOT_ASSIGNED_TO_USER

Application is not assigned to the user. Please contact cymmetri administrator.

SAMLSRVC.TENANT_OR_HOST_PROTO_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SAMLSRVC.USER_NOT_ASSIGNED_SERVICE_PROVIDER_ERROR

User is not assigned to the service provider. Please contact cymmetri administrator.

SAMLSRVC.SOMETHING_WENT_WRONG

Please contact cymmetri administrator.

SAMLSRVC.SERVICE_PROVIDER_NAMEIDVALUE_MISMATCH_ERROR

Service provider nameId value does not match with configured application. Please contact cymmetri administrator.

SAMLSRVC.SERVICE_PROVIDER_NAMEID_MISMATCH_ERROR

Service provider nameId value does not match with configured application. Please contact cymmetri administrator.

SAMLSRVC.TENANT_HOST_NOT_FOUND

Please contact cymmetri administrator.

SAMLSRVC.TENANT_OR_HOST_NOT_RECEIVED_FROM_NGINX

Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_CONFIG_NOT_FOUND

Application Configuration not found. Please contact cymmetri administrator.

SAMLSRVC.SAMLREQUEST_NOT_PRESENT_IN_REQUEST

SAML Request is not present in Request. Please contact cymmetri administrator.

SAMLSRVC.CONFIGURED_REQUEST_ISSUER_AND_SAML_REQUEST_NOT_ISSUER_NOT_MATCH

Application issuer Configuration does not match. Please contact cymmetri administrator.

SAMLSRVC.INVALID_REQUEST_ISSUER

Invalid Request Issuer. Please contact cymmetri administrator.

SAMLSRVC.IDENTITY_TOKEN_SAML_REQUEST_NOT_FOUND

Invalid Identity SAML Request Token. Please contact cymmetri administrator.

SAMLSRVC.IDENTITY_REFRESH_SAML_REQUEST_NOT_FOUND

Invalid Refresh SAML Request Token. Please contact cymmetri administrator.

SAMLSRVC.USER_NOT_ASSIGNED_TO_APPLICATION

User is not associated with the application. Please contact cymmetri administrator.

SAMLSRVC.SSO_ERROR_SENDING_SAML_RESPONSE

Error Sending SAML Response. Please contact cymmetri administrator.

SAMLSRVC.SSO_CONFIG_NOT_FOUND_APPLICATION_ID

SSO configuration not found for application. Please contact cymmetri administrator.

SAMLSRVC.SSO_USER_NOT_FOUND

SSO user found for application. Please contact cymmetri administrator.

SAMLSRVC.INTERNAL_SERVER_ERROR

Please contact cymmetri administrator.

SAMLSRVC.IDP_SSO_JKS_MANAGER_FAILED

Please contact cymmetri administrator.

SAMLSRVC.IDP_SSO_CUSTOM_JKS_FAILED

Please contact cymmetri administrator.

SAMLSRVC.IDP_SSO_FAILED

SSO failed for identity provider. Please contact cymmetri administrator.

SAMLSRVC.SERVICE_PROVIDER_SESSION_NOT_FOUND

Service provider session not availaible. Please contact cymmetri administrator.

SAMLSRVC.INVALID_ARGUMENTS

Please correct input and try again. Please contact cymmetri administrator.

SAMLSRVC.INVALID_SP_INITIATED_REQUEST

Invalid service provider request. Please contact cymmetri administrator.

SAMLSRVC.ERROR_PARSING_SAML_SLO

Error validating saml slo request. Please contact cymmetri administrator.

SAMLSRVC.SERVICE_PROVIDER_ERROR

Failed with service provider. Please contact cymmetri administrator.

SAMLSRVC.EXPIRED_REFRESH_TOKEN

Refresh token is expired. Please contact cymmetri administrator.

SAMLSRVC.INVALID_REFRESH_TOKEN

Invalid refresh token. Please contact cymmetri administrator.

SAMLSRVC.EMPTY_REFRESH_TOKEN

Empty refresh token. Please contact cymmetri administrator.

SAMLSRVC.REFRESH_TOKEN_COOKIE_NOT_PRESENT

Refresh token cookie not present. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_ID_NOT_PRESENT_IN_CONFIG

Application id not present. Please contact cymmetri administrator.

SAMLSRVC.APPLICATION_ID_NOT_PRESENT_IN_REQUEST

Application id is not present in request Please contact cymmetri administrator.

SAMLSRVC.EXPIRED_SSO_IDENTITY_TOKEN

SSO identity token is expired. Please contact cymmetri administrator.

SAMLSRVC.EMPTY_SSO_IDENTITY_TOKEN

SSO identity token is invalid. Please contact cymmetri administrator.

SAMLSRVC.REQUEST_ISSUER_FROM_SAML_REQUEST_NOT_PRESNETTITY_TOKEN

Request issuer is not present in saml request. Please contact cymmetri administrator.

SAMLSRVC.INVALID_SSO_IDENTITY_TOKEN

Invalid SSO identity token. Please contact cymmetri administrator.

SAMLSRVC.IDP_SLO_FAILED

Identity provider single logout failed. Please contact cymmetri administrator.

SAMLSRVC.BUILD_SLO_REQUEST_FAILED

Build to failed single logout request. Please contact cymmetri administrator.

SAMLSRVC.SLO_REQUEST_SEND_FAILED

Failed to send single logout request. Please contact cymmetri administrator.

SAMLSRVC.SLO_RESPONSE_SEND_FAILED

Failed to send single logout response. Please contact cymmetri administrator.

SAMLSRVC.ERROR_PERSISTING_SLO_REQUEST

Failed to persist single logout request. Please contact cymmetri administrator.

SAMLSRVC.SLO_RESPONSE_SAML_ATTRIBUTE_VALIDATION_FAILED

Failed to validate single logout response attribute. Please contact cymmetri administrator.

SAMLSRVC.INVALID_SAML_SLO_RESPONSE

Invalid saml single logout response. Please contact cymmetri administrator.

SAMLSRVC.INVALID_SAML_SLO_MESSAGE

Invalid saml single logout message. Please contact cymmetri administrator.

SAMLSRVC.SLO_REQUEST_VALIDATION_FAILED

Failed to validate single logout request. Please contact cymmetri administrator.

SAMLSRVC.SLO_RESPONSE_VALIDATION_FAILED

Failed to validate single logout response. Please contact cymmetri administrator.

SAMLSRVC.UNAUTHORIZED

Unauthorized. Please contact cymmetri administrator.

INVALID_USER_SESSION

User login session is invalid

USER_NOT_CONFIGURED_FOR_EXTERNAL_LOGOUT

User is not configured for external identity provider logout

USER_DOES_NOT_HAVE_ANY_ACTIVE_SSO_SESSION

User does not have any active sso login session

ISSUE_INSTANT_EXCEPTION

Invalid user issue instant exception

NOT_ON_OR_AFTER_EXCEPTION

Saml attribute is not valid before and after timestamp

NAME_ID_FORMAT_EXCEPTION

Invalid user name id is not valid

SESSION_INDEX_EXCEPTION

User login session index is invalid

DESTINATION_EXCEPTION

Saml attribute destination is invalid

IDENTITY_PROVIDER_EXCEPTION

External identity provider is invalid

IN_RESPONSE_TO

Saml attribute in response attribute is invalid

ISSUER_EXCEPTION

Saml attribute issuer is invalid

DATALOGGER.ALREADY_ACTIVATED

Already activated

DATALOGGER.ALREADY_DEACTIVATED

Already deactivated

DATALOGGER.SYSLOG_CONFIG_TEST_FAILED

Syslog configuration test failed

DATALOGGER.SYSLOG_CONFIG_NOT_FOUND

Syslog configuration not found

PAM_CONFIG_DATA_NOT_FOUND

Pam Configuration data not found

PAM_INVALID_CONFIG

Invalid Pam Configuration found

PAMSRVC.INTERNAL_ERROR

Invalid password. Please try again

PAMSRVC.PAM_CONNECTION_FAIL

Connection Fail

PAMSRVC.CONNECTION_FAILED

Connection Fail

REPORT.INVALID_ARGUMENTS

Please correct the input and try again

PROVSRVC.PASSWORDFILTER_AND_APPLICATION_DOES_NOT_SAME

Filtered application and included/excluded cannot be the same

PROVSRVC.PASSWORDFILTER_ALREADY_CONFIGURED

Application is already configured for password filter

dagsrvc.INVALID_ARGUMENTS

Invalid argument.

dagsrvc.INVALID_ARGUMENTS

Invalid argument.

dagsrvc.SERVER_NAME_ALREADY_EXIST_EXCEPTION

Server name already exit.

dagsrvc.ROOT_LOCATION_NOT_FOUND

Server details not found.

DAGSRVC.DAG_SHARED_SERVER_ALREADY_EXISTS

Server Configuration already exist

DAGSRVC.DAG_SHARED_SERVER_NOT_FOUND

One or more shared servers not found

PROVSRVC.APPLICATION_ROLE_NOT_FOUND

Application Role not found

PORTAL.EXPIRY_DATA_NOT_FOUND

Expiry data not found

PORTAL.EXPIRED_LINK

Link has been expired

REGSRVC.ACCOUNT_NOT_ACTIVE

Tenant account inactive. Please contact support

USRSRVC.IMPORT_SCHEMA_NOT_FOUND

Import template not found

SLFSRVC.OPERATION_NOT_ACTIVE

Operation not configured

WKFLSRVC.WORKFLOW_PREFERENCE_CONFIG_NOT_FOUND

Workflow Preference Config not found

USRSRVC.GROUP_ALREADY_ASSIGN_TO_USER

Group Already Assigned to User.

USRSRVC.USER_INACTIVE_CONFIG_NOT_FOUND

Inactive User Config not found

UTILSRVC.TEAMS_CONFIG_ALREADY_EXIST

Teams Config already exist

UTILSRVC.TEAMS_CONFIG_NOT_FOUND

Teams Config Not Found

PAMSRVC.RULE_CONFIGURE_ALREADY_EXIST

Configuration already exists

PAMSRVC.EMPTY_CONDITION_EXCEPTION

Empty Condition exception

SLFSRVC.INVALID_MANAGER_EXCEPTION

Invalid Manager

SLFSRVC.INVALID_MANAGER

Invalid Manager

SLFSRVC.USER_NOT_FOUND

User not found. Please try again.

WKFLSRVC.SELF_APPROVAL_CONFIG_EXIST

Self Approval config already exists

WKFLSRVC.SELF_APPROVAL_CONFIG_NOT_FOUND

Self Approval config not found

MFASRVC.RESEND_PERIOD_NOT_ALLOWED

Please wait we are enabling resend operation

MFASRVC.RESEND_TIME_EXCEED

Allowed resend attempt exceed please try after some time

ANALYTICS.INVALID_LOG_ARGUMENTS

Invalid arguments

ANALYTICS.UNAUTHORIZED

Unauthorized. Please contact cymmetri administrator.

ANALYTICS.ALREADY_ACTIVATED

Already activated

ANALYTICS.ALREADY_DEACTIVATED

Already deactivated

DATALOGGER.ALREADY_EXISTS

Already exists

DATALOGGER.CONNECTION_FAILED

Connection Fail

DATALOGGER.FORBIDDEN

Please contact system administrator.

DATALOGGER.INVALID_ARGUMENTS

Invalid arguments

DATALOGGER.SYNC_NOT_SUPPORTED

Sync not supported

ANALYTICS.SYSLOG_CONFIG_NOT_FOUND

Syslog configuration not found

ANALYTICS.SYSLOG_CONFIG_TEST_FAILED

Syslog configuration test failed

DATALOGGER.UNAUTHORIZED

Unauthorized. Please contact cymmetri administrator.

REPORT.ALREADY_ACTIVATED

Already activated

REPORT.ALREADY_DEACTIVATED

Already deactivated

REPORT.ALREADY_EXISTS

Already exists

ANALYTICS.CONNECTION_FAILED

Failed to send report.

REPORT.CONTENT_NOT_FOUND

Content not found

REPORT.EMAIL_EXISTS

Email already exists

ANALYTICS.EMAIL_NOT_EXISTS_EXCEPTION

User Email Not Found. Please contact cymmetri administrator.

REPORT.FORBIDDEN

Please contact system administrator.

ANALYTICS.INVALID_ARGUMENTS

Please correct the input and try again

REPORT.INVALID_CRON_EXPRESSION

Invalid cron expression

REPORT.INVALID_FREQUENCY_CONFIG

Invalid frequency config

REPORT.INVALID_REPORT_CONFIG

Invalid report config

REPORT.INVALID_SCHEDULER_TASK_EXECUTION_ID

Invalid schedular task execution ID

REPORT.REPORT_BATCH_TASK_NOT_FOUND

Batch task not found

REPORT.REPORT_EXISTS_EXCEPTION

Report already exists

REPORT.REPORT_NOT_FOUND

Report not found

REPORT.SEND_EMAIL_FAILED_EXCEPTION

Email Sending failed

REPORT.UNAUTHORIZED

Please contact cymmetri administrator.

RISKENGINE.ALREADY_ACTIVATED

Already activated

RISKENGINE.ALREADY_DEACTIVATED

Already deactivated

RISKENGINE.ALREADY_EXISTS

Already exists

RISKENGINE.CONNECTION_FAILED

Connection Fail

RISKENGINE.CONNECTOR_NOT_AVAILABLE

Connector not available

RISKENGINE.FORBIDDEN

Please contact cymmetri administrator.

RISKENGINE.INVALID_ARGUMENTS

Invalid arguments

RISKENGINE.INVALID_RISK_SYNC_TASK_STATUS

Invalid risk sync task status

RISKENGINE.NO_MAPPING_FOUND

No mapping found

RISKENGINE.RISK_CONFIG_NOT_FOUND

Risk config not found

RISKENGINE.RISK_NOT_FOUND

Risk not found

RISKENGINE.RISK_SYNC_TASK_IN_PROGRESS

Risk sync task in progress

RISKENGINE.RISK_SYNC_TASK_NOT_IN_PROGRESS

Risk sync task not in progress

RISKENGINE.UNAUTHORIZED

Please contact cymmetri administrator.

RISKENGINE.UNSUPPORTED_FIELD

Field not supported

RISKENGINE.UNKNOWN

Please contact cymmetri administrator.

API Extension

Cymmetri framework to extend the out of box use cases and support custom requirements from the platform

Reference API calls

The following are the APIs calls.

Important Note:

RESTful API – Assigned application search user

Purpose: This API is used to create application hook

URL: http://<tenant_domain>/api/user/listByApplication

Method: POST

Example Request:

curl --location --request POST 'http://api.cymmetri.in/usersrvc/api/user/listByApplication' \

--header 'Content-Type: application/json' \

--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiZ2s0MCIsImV4cCI6MTY0NzAxNzEwNywidXNlcklkIjoiNjE3MDE1YTNjMDQ4MTc1NmI3OThhY2EyIiwiaWF0IjoxNjQ3MDExMTA3fQ.8j711_L--eQHHfen2GPI1qWCmUWRd4n6O44HCZhuRSo' \

--data-raw '{

"keyword":"shu",

"pageNumber": "0",

"pageSize": "10",

"filter": {

"applicationId": "617253cc2fb4b2125b237b75"

"sortDirection": "ASC",

"sortOn": [

"id"

]

Sample Response:

On success:

{

"success": true,

"data": {

"content": [

{

"id": "619ce9a69139ca14885a4717",

"displayName": "John Snow",

"firstName": "John",

"lastName": "Snow",

"email": null,

"mobile": null,

"designation": "Developer",

"status": "ACTIVE",

"profilePic": null,

"login": "john.snow",

"initialLoginPending": true,

"startDate": null,

"endDate": null,

"provStatus": {

"617253cc2fb4b2125b237b75": "SUCCESS_UPDATE"

}

],

"pageable": {

"sort": [

{

"direction": "ASC",

"property": "id",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": true,

"descending": false

}

],

"pageNumber": 0,

"pageSize": 10,

"offset": 0,

"paged": true,

"unpaged": false

},

"last": true,

"totalPages": 1,

"totalElements": 1,

"sort": [

{

"direction": "ASC",

"property": "id",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": true,

"descending": false

}

],

"first": true,

"number": 0,

"numberOfElements": 1,

"size": 10,

"empty": false

},

"timestamp": "02-Mar-2022 01:58:57",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"data": null,

"success": false,

"errorCode": "PROVSRVC.APPLICATION_NOT_FOUND",

"message": null,

"timestamp": "02-Mar-2022 01:59:39"

}

RESTful API – Assigned application search group

Purpose: This API is used to get an application hook for the provided application id and type.

URL: http://<tenant_domain>/api/group/groupListByApplication

Method: POST

applicationId: Application id

Example Request:

curl --location --request POST 'http://localhost:9080/api/group/groupListByApplication' \

--header 'Tenant: gk16'

--data-raw '{

"filter": {

"applicationId": "617253cc2fb4b2125b237b75"

"keyword": "gold",

"pageNumber": 0,

"pageSize": 10,

"sortDirection": "ASC",

"sortOn": [

"name"

]

Sample Response:

On success:

{

"success": true,

"data": {

"offset": 0,

"pageSize": 10,

"totalElements": 1,

"totalPages": 1,

"elements": [

{

"id": "621cdbb7776c95564c0313ab",

"name": "Gold",

"type": "LocalGroup",

"description": "Gold group",

"ouId": "",

"ouName": null,

"parentGroupIds": null,

"directParentGroupId": null,

"userCount": 0,

"appCount": 1

}

],

"pageNumber": 0,

"sort": {

"orders": [

{

"direction": "ASC",

"property": "name"

}

],

"sorted": true

}

},

"timestamp": "03-Mar-2022 05:29:23",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"data": null,

"success": false,

"errorCode": "PROVSRVC.APPLICATION_NOT_FOUND",

"message": null,

"timestamp": "03-Mar-2022 05:29:49"

}

RESTful API – Application reconciliation pull filter search

Purpose: This API is used to list reconciliation pull for provided application id and keyword.

URL: https://<tenant_domain>/provsrvc/reconciliation/pull/search

Method: POST

applicationId: applicationId

keyword : keyword

Example Request:

curl --location --request POST 'https://mru18.cymmetri.in/provsrvc/reconciliation/pull/search' \

--header 'Tenant: mru18' \

--data-raw '{

"filter": {

"applicationId": "614b5d3489ad96554e89e2ab"

"keyword": "",

"pageNumber": 0,

"pageSize": 10,

"sortDirection": "DESC",

"sortOn": [

"updatedDateTime"

]

Sample Response:

On success:

{

"success": true,

"data": {

"content": [

{

"id": "621cca3f9423002d41cbbed4",

"name": "AD-ADMIN-USERS",

"type": "USER",

"status": "ACTIVE",

"applicationId": "614b5d3489ad96554e89e2ab",

"targetSystemSearchQueryFilter": null,

"idmRepositoryField": "login",

"sourceAttributeName": "cn",

"reconType": "PULL",

"reconMode": "FILTERED_RECONCILIATION",

"reconConditions": {

"TARGET_DELETED_IDM_EXISTS": "IGNORE",

"TARGET_EXTSTS_IDM_EXISTS": "IGNORE",

"TARGET_EXTSTS_IDM_NOT_EXISTS": "PROVISION"

},

"lastRunDateTime": null,

"createdDateTime": "2022-02-28T13:12:31.07",

"updatedDateTime": "2022-03-02T12:45:31.069",

"version": 2

},

...

],

"pageable": {

"sort": [

{

"direction": "DESC",

"property": "updatedDateTime",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": false,

"descending": true

}

],

"pageNumber": 0,

"pageSize": 10,

"offset": 0,

"paged": true,

"unpaged": false

},

"last": true,

"totalPages": 1,

"totalElements": 3,

"first": true,

"sort": [

{

"direction": "DESC",

"property": "updatedDateTime",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": false,

"descending": true

}

],

"numberOfElements": 3,

"size": 10,

"number": 0,

"empty": false

},

"timestamp": "03-Mar-2022 08:41:03",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"success": false,

"data": null,

"timestamp": "03-Mar-2022 09:06:43",

"message": null,

"errorCode": "INVALID_ARGUMENTS"

}

Response 2#

{

"success": false,

"data": null,

"timestamp": "03-Mar-2022 09:06:43",

"message": null,

"errorCode": "PROVSRVC.UNKNOWN"

}

RESTful API – Application reconciliation push filter search

Purpose: This API is used to list reconciliation push for provided application id and keyword.

URL: http://<tenant_domain>/reconciliation/push/search

Method: POST

applicationId: Application Id.

keyword : keyword

Example Request:

curl --location --request POST 'https://mru18.cymmetri.in/provsrvc/reconciliation/pull/search' \

--header 'Tenant: mru18' \

--data-raw '{

"filter": {

"applicationId": "614b5d3489ad96554e89e2ab"

"keyword": "",

"pageNumber": 0,

"pageSize": 10,

"sortDirection": "DESC",

"sortOn": [

"updatedDateTime"

]

Sample Response:

On success:

{

"success": true,

"data": {

"content": [

{

"id": "62207b1655a2d10f525dc2bf",

"name": "AD-Admin",

"type": "USER",

"status": "ACTIVE",

"applicationId": "614b5d3489ad96554e89e2ab",

"idmSearchQueryFilter": {

"location": null,

"reportingManager": null,

"department": null,

"designation": null,

"group": null,

"email": null,

"mobile": null,

"status": [],

"userType": null,

"locked": false

},

"idmRepositoryField": "login",

"sourceAttributeName": "cn",

"reconType": "PUSH",

"reconMode": "FILTERED_RECONCILIATION",

"reconConditions": {

"IDM_DELETED_TARGET_EXISTS": "IGNORE",

"IDM_EXTSTS_TARGET_EXISTS": "IGNORE",

"IDM_EXTSTS_TARGET_NOT_EXISTS": "PROVISION"

},

"lastRunDateTime": null,

"createdDateTime": "2022-03-03T08:23:50.963",

"updatedDateTime": "2022-03-03T08:23:50.963",

"version": 0

}

…

],

"pageable": {

"sort": [

{

"direction": "DESC",

"property": "updatedDateTime",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": false,

"descending": true

}

],

"pageNumber": 0,

"pageSize": 10,

"offset": 0,

"paged": true,

"unpaged": false

},

"last": true,

"totalPages": 1,

"totalElements": 3,

"first": true,

"sort": [

{

"direction": "DESC",

"property": "updatedDateTime",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": false,

"descending": true

}

],

"numberOfElements": 3,

"size": 10,

"number": 0,

"empty": false

},

"timestamp": "03-Mar-2022 08:40:09",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"success": false,

"data": null,

"timestamp": "03-Mar-2022 09:06:43",

"message": null,

"errorCode": "INVALID_ARGUMENTS"

}

Response 2#

{

"success": false,

"data": null,

"timestamp": "03-Mar-2022 09:06:43",

"message": null,

"errorCode": "PROVSRVC.UNKNOWN"

}

RESTful API – Application role filter search

Purpose: This API is used to list application roles with provided application id and keyword.

URL: http://<tenant_domain>/applicationRole/findAppRolesByApplicationId

Method: POST

application id: applicationId

keyword: keyword

Example Request:

curl --location --request POST 'https://mru18.cymmetri.in/provsrvc/applicationRole/findAppRolesByApplicationId' \

--header 'Tenant: mru18' \

--data-raw '{

"filter": {

"active": true,

"applicationId": "614b5d3489ad96554e89e2ab"

"keyword": "",

"pageNumber": 0,

"pageSize": 10,

"sortDirection": "ASC",

"sortOn": [

"id"

]

Sample Response:

On success:

{

"success": true,

"data": {

"content": [

{

"id": "621f2996a36e574d3e7ab4a7",

"roleId": "ROLE_ID_101",

"roleName": "ADMIN",

"roleDescreption": "This role is for admin users.",

"applicationId": "614b5d3489ad96554e89e2ab",

"cosoType": "Admin",

"active": false,

"mappedBusinessRoles": [],

"createdDateTime": "2022-03-02T08:23:50.608",

"updatedDateTime": "2022-03-02T13:48:54.189",

"version": 3

},

...

],

"pageable": {

"sort": [

{

"direction": "ASC",

"property": "id",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": true,

"descending": false

}

],

"pageNumber": 0,

"pageSize": 10,

"offset": 0,

"paged": true,

"unpaged": false

},

"last": true,

"totalPages": 1,

"totalElements": 3,

"first": true,

"sort": [

{

"direction": "ASC",

"property": "id",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": true,

"descending": false

}

],

"numberOfElements": 3,

"size": 10,

"number": 0,

"empty": false

},

"timestamp": "03-Mar-2022 09:20:03",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"success": false,

"data": null,

"timestamp": "03-Mar-2022 09:06:43",

"message": null,

"errorCode": "INVALID_ARGUMENTS"

}

Response 2#

{

"success": false,

"data": null,

"timestamp": "03-Mar-2022 09:06:43",

"message": null,

"errorCode": "PROVSRVC.UNKNOWN"

}

RESTful API – Application Policy Map filter search

Purpose: This API is used to search PolicymapTenant.

URL: http://<tenant_domain>/policyMapTenant/findAll

Method: POST

tenantApplicationId: Tenant Application Id

objectType: Mapping Object Type

internal: Internal Attribute

external: External Application Attribute

Example Request:

curl --location --request POST 'api.cymmetri.in/provsrvc/policyMapTenant/findAll' \

--data-raw '{

"keyword": "lastName",

"pageNumber": 0,

"pageSize": 10,

"filter": {

"tenantApplicationId": "61dd1da8db654e41881b5273",

"objectType": "USER"

"sortDirection": "DESC",

"sortOn": [

"internal"

]

Sample Response:

On success:

{

"success": true,

"data": {

"content": [

{

"id": "61dd1da8db654e41881b5281",

"internal": "lastName",

"external": "sn",

"mandatory": false,

"script": null,

"createdDateTime": "2022-01-11T06:03:20.202",

"updatedDateTime": "2022-01-11T06:03:20.202",

"version": 0,

"default_val": "",

"tenant_applicationId": "61dd1da8db654e41881b5273",

"object_type": "USER",

"isCustom": false,

"scriptEnable": false

}

],

"pageable": {

"sort": [

{

"direction": "DESC",

"property": "internal",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": false,

"descending": true

}

],

"pageNumber": 0,

"pageSize": 10,

"offset": 0,

"paged": true,

"unpaged": false

},

"last": true,

"totalPages": 1,

"totalElements": 1,

"first": true,

"sort": [

{

"direction": "DESC",

"property": "internal",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": false,

"descending": true

}

],

"numberOfElements": 1,

"size": 10,

"number": 0,

"empty": false

},

"timestamp": "03-Mar-2022 07:13:09",

"message": null,

"errorCode": null

}

RESTful API – App description in selfservice application list API

Purpose: This API is used to get paginated lists with filters.

URL: https://<tenant_domain>/selfservice/api/selfservice/applications

Method: POST

Example Request:

curl --location --request POST 'https://gk40.cymmetri.in/selfservice/api/selfservice/applications' \

--header 'Connection: keep-alive' \

--header 'Pragma: no-cache' \

--header 'Cache-Control: no-cache' \

--header 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96"' \

--header 'Accept: application/json' \

--header 'content-type: application/json' \

--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiZ2s0MCIsImV4cCI6MTY0NzAxNDY2NywidXNlcklkIjoiNjE3MDE1YTNjMDQ4MTc1NmI3OThhY2EyIiwiaWF0IjoxNjQ3MDA4NjY3fQ.jP2BgjiOVUcdxhImVvdwy18puEylWSSOVHnWA_2hhJU' \

--header 'sec-ch-ua-mobile: ?0' \

--header 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36' \

--header 'sec-ch-ua-platform: "Linux"' \

--header 'Origin: https://gk40.cymmetri.in' \

--header 'Sec-Fetch-Site: same-origin' \

--header 'Sec-Fetch-Mode: cors' \

--header 'Sec-Fetch-Dest: empty' \

--header 'Referer: https://gk40.cymmetri.in/' \

--header 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \

--header 'Cookie: deviceId=6e4caedd-beaf-444c-9312-21b219bb3709; Correlation=B194B86832FB4683ABC43EA6077944E2; Correlation=1E83B306404E4E46A2F6BE7D5A79C3BC; RefreshToken=fc6b1bcc-1c00-4663-b6ef-441051fb2e57; sessionId=75bdbb27-cf85-4102-9ba7-0cc5a84f8fb4' \

--data-raw '{

"direction": "ASC",

"keyword": "",

"pageNumber": 0,

"pageSize": 16,

"sort": "NAME"

Sample Response:

On success:

{

"success": true,

"data": {

"offset": 0,

"pageSize": 16,

"totalElements": 5,

"totalPages": 1,

"elements": [

{

"endDate": null,

"deprovNotification": false,

"enabled": true,

"tagLine": "Directory service developed by Microsoft",

"id": "617253cc2fb4b2125b237b75",

"name": "Active Directory",

"appUrl": "",

"icon": "iVBORw0KGgoAAAANSUhEUgAAALoAAAC6CAYAAAAZDlfxAAAACXBIWXMAAAsSAAALEgHS3X78AAAgAElEQVR4nO2dCXQU17nnv1tb.....truncated"

}

],

"pageNumber": 0,

"sort": {

"orders": [

{

"direction": "ASC",

"property": "NAME"

}

],

"sorted": true

}

},

"timestamp": "03-Mar-2022 05:41:09",

"message": null,

"errorCode": null

}

RESTful API – New Joiner List API

Purpose: This API is used to get list of selfservice dashboard new Joiner list of logged in users.

URL: http://<tenant_url>/usersrvc/api/user/getSubOrdinates

Method: POST

Example Request: Need to pass filter as createdFrom and createdTo date time difference for seven day.

curl --location --request POST 'http://api.cymmetri.in/usersrvc/api/user/getSubOrdinates' \

--header 'Content-Type: application/json' \

--header 'Tenant: gk17' \

--header 'UserId: 61e81227aa505f4393b93405' \

--data-raw '{

"filter": {

"createdFrom": "2022-01-04T10:26:56.030Z",

"createdTo": "2022-03-04T10:26:56.030Z"

"keyword": "",

"pageNumber": 0,

"pageSize": 10,

"sortDirection": "ASC",

"sortOn": [

"id"

]

Sample Response:

On success:

{

"success": true,

"data": {

"content": [

{

"login": "nilesh",

"displayName": "Nilesh Dhepe",

"userId": "61e947c37dce7c5e40134f1f",

"profilePic": null,

"qualitativeRisk": null,

"sodViolations": null

},

{

"login": "workflow.one",

"displayName": "Test Workflow",

"userId": "61ee658de3a8361263cab0d1",

"profilePic": null,

"qualitativeRisk": null,

"sodViolations": null

},

{

"login": "workflow.two",

"displayName": "Test Workflow",

"userId": "61f7b3b50d84c22f79e1debd",

"profilePic": null,

"qualitativeRisk": null,

"sodViolations": null

},

{

"login": "mrunal",

"displayName": "Mrunal Chaple",

"userId": "61f8cda757a8e27934066a91",

"profilePic": null,

"qualitativeRisk": null,

"sodViolations": null

},

{

"login": "manoj.b",

"displayName": "Manoj Barapatre",

"userId": "61f8d81883126a511188e2ae",

"profilePic": null,

"qualitativeRisk": null,

"sodViolations": null

},

{

"login": "man.ba",

"displayName": "Manoj Bara",

"userId": "61f9160ed9800d4dbbc1baed",

"profilePic": null,

"qualitativeRisk": null,

"sodViolations": null

}

],

"pageable": {

"sort": [

{

"direction": "ASC",

"property": "id",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": true,

"descending": false

}

],

"pageNumber": 0,

"pageSize": 10,

"offset": 0,

"paged": true,

"unpaged": false

},

"last": true,

"totalElements": 6,

"totalPages": 1,

"first": true,

"number": 0,

"sort": [

{

"direction": "ASC",

"property": "id",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": true,

"descending": false

}

],

"numberOfElements": 6,

"size": 10,

"empty": false

},

"timestamp": "04-Mar-2022 10:39:22",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"success": true,

"data": null,

"timestamp": "04-Mar-2022 10:39:22",

"message": null,

"errorCode": null

}

RESTful API – On board API - Get App incomplete config

Purpose: This API is used to get count of onboard application config incomplete.

URL: http://<tenant_url>/provsrvc/applicationTenant/getApplicationIncompleteConfig

Method: GET

Example Request:

curl --location --request GET 'http://api.cymmetri.in/provsrvc/applicationTenant/getApplicationIncompleteConfigCount' \

--header 'Tenant: gk17' \

--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJnazE3IiwiZGVsZWdhdGVlIjpudWxsLCJkZWxlZ2F0ZWVJZCI6bnVsbCwiZmlyc3RMb2dpbiI6ZmFsc2UsInJvbGVzIjpbIk9SR19BRE1JTiIsIlVTRVIiXSwidGVuYW50SWQiOiJnazE3IiwiZXhwIjoxNjQ2NjQ2NjQ0LCJ1c2VySWQiOiI2MWU4MTIyN2FhNTA1ZjQzOTNiOTM0MDUiLCJpYXQiOjE2NDY2NDA2NDR9.snwC7XVRWM5S-gCP53fXXObh9aROFtZDtfOXQCUDPps'

Sample Response:

On success{

"success": true,

"data": 3,

"timestamp": "07-Mar-2022 08:11:48",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"success": true,

"data": 0,

"timestamp": "04-Mar-2022 10:39:22",

"message": null,

"errorCode": null

}

RESTful API – On board API - Get appCount, adminCount, UserCount

Purpose: This API is used to get count of application, admin and user.

URL: http://<tenant_url>/usersrvc/api/user/getOnboardCount

Method: GET

Example Request:

curl --location --request GET 'http://api.cymmetri.in/usersrvc/api/user/getOnboardCount' \

--header 'Content-Type: application/json' \

--header 'Tenant: n23' \

--header 'UserId: 6176c0b33c79f20dde6fd732' \

Sample Response:

On success:

{

"success": true,

"data": {

"appCount": 9,

"adminCount": 1,

"userCount": 25

},

"timestamp": "07-Mar-2022 08:11:27",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"success": true,

"data": {

"appCount": 0,

"adminCount": 0,

"userCount": 0

},

"timestamp": "07-Mar-2022 08:11:27",

"message": null,

"errorCode": null

}

RESTful API – System KPIs API

Purpose: This API is used to get the count of application,role,rule,workflow,password policy,active user,total user and unlogged user.

URL:https://<tenant_url>/usersrvc/api/user/getSystemKPICount

Method: GET

Example Request:

curl --location --request GET 'https://macos.cymmetri.in/usersrvc/api/user/getSystemKPICount' \

--header 'Accept: application/json' \

--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoibWFjb3MiLCJleHAiOjE2NDcwMDg1MjUsInVzZXJJZCI6IjYxN2Y4YmIxZDE5MDViNjcyYzQ3N2QzMiIsImlhdCI6MTY0NzAwMjUyNX0.JzhcbfcQXxZoCYH5Mi_HmRCHZf_FVIr3OYrewl7vkjc'

Sample Response:

On success:

{

"success": true,

"data": {

"appCount": 80,

"roleCount": 5,

"activeUserCount": 128,

"totalUserCount": 131,

"unloggedUserCount": 106,

"passwordPolicyCount": 2,

"workflowCount": 3,

"ruleCount": 6

},

"timestamp": "11-Mar-2022 12:42:30",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"success": true,

"data": {

"appCount": 0,

"roleCount": 0,

"activeUserCount": 0,

"totalUserCount": 0,

"unloggedUserCount": 0,

"passwordPolicyCount": 0,

"workflowCount": 0,

"ruleCount": 0

},

"timestamp": "11-Mar-2022 12:42:30",

"message": null,

"errorCode": null

}

RESTful API – Request, Claims and My Request Count

Purpose: This API is used to get count of requests, claims and my requests.

URL: https://<tenant_url>/workflowsrvc/api/workflowtaskassignment/user/request/claims/count

Method: GET

Example Request:

curl --location --request GET 'https://gk40.cymmetri.in/workflowsrvc/api/workflowtaskassignment/user/request/claims/count' \

--header 'Tenant: gk40' \

--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtcnUxOCIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoibXJ1MTgiLCJleHAiOjE2NDY2NzE2MTYsInVzZXJJZCI6IjYxNGI1Yjc1ODVmODU0NGYxY2RkOTcxNSIsImlhdCI6MTY0NjY2NTYxNn0.bViQdrikfQD1xdI6Waf_Sk6LOYQh-ilHVq4dMYfVt3E'

Sample Response:

On success:

{

"success": true,

"data": {

"requestCount": 12,

"clamisCount": 6,

"requestorCount": 0

},

"timestamp": "10-Mar-2022 07:07:48",

"message": null,

"errorCode": null

}

On failure:

Response 1#

{

"success": true,

"data": {

"requestCount": 0,

"clamisCount": 0,

"requestorCount": 0

},

"timestamp": "04-Mar-2022 10:39:22",

"message": null,

"errorCode": null

}

RESTful API – Applications assigned to user API search

Purpose: This API is used to search application assigned to user.

URL: https://<tenant_url>/usersrvc/api/user/listApplications

Method: POST

Example Request:

curl --location --request POST 'https://s3.cymmetri.in/usersrvc/api/user/listApplications' \

--data-raw '{

"pageNumber": 0,

"pageSize": 20,

"userId": "61d7f610dd92d761faa278f2",

"appName":"service"

Sample Response:

On success:

{

"success": true,

"data": {

"offset": 0,

"pageSize": 12,

"totalElements": 1,

"totalPages": 1,

"elements": [

{

"appId": "6226051994c38e414989eccd",

"appName": "ServiceNow",

"tagLine": "Workflow Automation Platform",

"status": "",

"appType": "GROUP",

"groupId": "61dea46ef515150ebe517b0d",

"endDate": null,

"provisionEnable": true,

"assignRoles": null

}

],

"pageNumber": 0,

"sort": null

},

"timestamp": "11-Mar-2022 01:06:33",

"message": null,

"errorCode": null

}

RESTful API – List of assigned & unassigned application

Purpose: This API is used to get assigned and unassigned application.

URL: https://<tenant_url>/provsrvc/applicationTenant/applicationListByPage

Method: POST

Example Request:

curl --location --request POST 'https://s3.cymmetri.in/provsrvc/applicationTenant/applicationListByPage' \

--data-raw '{

"displayName": "",

"order": "DESC",

"pageNo": 0,

"size": 10,

"sortBy": "displayName",

"tag": "",

"userId":"61d7f610dd92d761faa278f2"

Sample Response:

On success:

{

"success": true,

"data": {

"content": [

{

"id": "61dbfdf6b30690468b0d4a79",

"appName": "Google Workplace",

"icon": null,

"tagLine": "Integrated Collaboration & Productivity Apps from Google",

"status": "ACTIVE",

"provisionEnable": false,

"ssoEnable": true,

"assigned": true

},

{

"id": "61dd1da8db654e41881b5273",

"appName": "Active Directory",

"icon": null,

"tagLine": "Directory service developed by Microsoft",

"status": "ACTIVE",

"provisionEnable": true,

"ssoEnable": false,

"assigned": true

},

{

"id": "6225f81edd7111640e094f8d",

"appName": "Google Workplace5",

"icon": null,

"tagLine": "Integrated Collaboration & Productivity Apps from Google",

"status": "ACTIVE",

"provisionEnable": true,

"ssoEnable": false,

"assigned": true

}

],

"pageable": {

"sort": [

{

"direction": "DESC",

"property": "displayName",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": false,

"descending": true

}

],

"pageNumber": 0,

"pageSize": 10,

"offset": 0,

"paged": true,

"unpaged": false

},

"totalPages": 2,

"totalElements": 12,

"last": false,

"first": true,

"sort": [

{

"direction": "DESC",

"property": "displayName",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": false,

"descending": true

}

],

"numberOfElements": 10,

"size": 10,

"number": 0,

"empty": false

},

"timestamp": "11-Mar-2022 02:10:38",

"message": null,

"errorCode": null

}

RESTful API – Application Access expiring new API

Purpose: This API is used to get list of application of user with there expiry days

URL: https://<tenant_url>/selfservice/api/selfservice/applicationswithexpiry

Method: POST

Example Request:

curl --location --request POST 'https://as100.cymmetri.in/selfservice/api/selfservice/applicationswithexpiry' \ --header 'Connection: keep-alive' \ --header 'Pragma: no-cache' \ --header 'Cache-Control: no-cache' \ --header 'sec-ch-ua: "Google Chrome";v="93", " Not;A Brand";v="99", "Chromium";v="93"' \ --header 'Accept: application/json' \ --header 'content-type: application/json' \ --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiYXMxMDAiLCJleHAiOjE2NDcwMDk4NzgsInVzZXJJZCI6IjYyMTRkYjdiZDY2MWE1NzM4NmE3MWYxMCIsImlhdCI6MTY0NzAwMzg3OH0.LKZci0Yqeoyn4RHUIyYBFq7O5ATeDuCerZ0QdJ243gY' \ --header 'sec-ch-ua-mobile: ?0' \ --header 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36' \ --header 'sec-ch-ua-platform: "Linux"' \ --header 'Origin: https://as100.cymmetri.in' \ --header 'Sec-Fetch-Site: same-origin' \ --header 'Sec-Fetch-Mode: cors' \ --header 'Sec-Fetch-Dest: empty' \ --header 'Referer: https://as100.cymmetri.in/' \ --header 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \ --header 'Cookie: deviceId=48ba110c-c93c-45ac-92dc-3c6e04e74473; app_73e5c5f8-276b-47bb-a6a5-b6f82a779d79=e689a8da-faa7-46f5-9c7a-2800abdd206a; Correlation=C43A4277E7AB46178F0000BE4DD72F0C; RefreshToken=1ac7eea6-28a6-4bb8-997f-d7381a3dd7d1; sessionId=3417319f-789a-4849-8faa-bf180f4bec14; device=cf7bbf2a-161c-11ec-b3ec-39287c680726' \ --data-raw '{ "keyword": "", "pageNumber": 0, "pageSize": 10, "filter": {}, "sortDirection": "DESC", "sortOn": [ "plannedStart" ] }'

Sample Response:

On success:

{

"success": true,

"data": {

"offset": 0,

"pageSize": 10,

"totalElements": 3,

"totalPages": 1,

"elements": [

{

"id": "62220c747dab08061e00ba7b",

"name": "Active Directory",

"icon": "iVBORw0KGgoAAAANSUhEUgAAALoAAAC6CAYAAAAZDlfxAAAACXBIWXMAAAsSAAALEgHS3X78AAAgAElEQVR4nO2dCXQU17nnv1tb71q7BUJIzW7Jxo5N6zlOsPD2COBlEsnbiZFf,

"period": 20,

"tagLine": "Directory service developed by Microsoft"

},

{

"id": "62260e904f6c552b8b489c20",

"name": "Google Workplace",

"icon": "iVBORw0KGgoAAAANSUhEUgAAALoAAAC6CAIAAACWbMCmAAAACXBIWXMAAAsSAAALEgHS3X78AAAgAElEQVR4nO2dd3wURf/Ht1xLcnfpvUB6uRRSKFKl9w6C+KgPj2B57D6gD/o8iOVBEaQIiCiIgoBKNSAgVXoPISG910u5S0+u7/xed3vZ27vsXW6T4A+fZ97/ZLM7uzs7+9mZ73xn5nsoAACBQOwDg+UEsR8oFwgLoFwgLIBygbAAygXCAigXCAugXCAsgHKBsADKBcICKBcIC6BcICyAcoGwAMoFwgIoFwgLoFwgLIBygbAAygXCAigXCAugXCAsgHKBsADKBcICKBcIC6BcICyAcoGwAMoFwgIoFwgLoFwgLIBygbAAygXCAigXCAugXCAsgHKBsADKBcICKBcIC6BcICyAcoGwAMoFwgIoFwgLoFwgLIBygbAAygXYQGUC4QFUC4QFkC5QFgA5QKxFwRB/g+Z9ki2AOTkrgAAAABJRU5ErkJggg==",

"period": 5,

"tagLine": "Integrated Collaboration & Productivity Apps from Google"

},

{

"id": "62260e994f6c552b8b489c28",

"name": "PowerShell",

"icon": "iVBORw0KGgoAAAANSUhEUgAAALoAAAC6CAYAAAAZDlfxAT/gAAAABJRU5ErkJggg==",

"period": 4,

"tagLine": "Command-line Shell from Microsoft"

}

],

"pageNumber": 0,

"sort": {

"orders": [

{

"direction": "DESC",

"property": "plannedStart"

}

],

"sorted": true

}

},

"timestamp": "11-Mar-2022 01:42:30",

"message": null,

"errorCode": null

}

RESTful API – Password Policy - maximum (optional)- minimum (required) password length

Purpose: This API is used to validate password against password policy

URL: https://<tenant_url>/authsrvc/passwordPolicy/pub/validate

Method: POST

Example Request:

curl 'https://as100.cymmetri.in/authsrvc/passwordPolicy/pub/validate' \

-H 'Connection: keep-alive' \

-H 'Pragma: no-cache' \

-H 'Cache-Control: no-cache' \

-H 'sec-ch-ua: "Google Chrome";v="93", " Not;A Brand";v="99", "Chromium";v="93"' \

-H 'content-type: application/json' \

-H 'sec-ch-ua-mobile: ?0' \

-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36' \

-H 'tenant: as100' \

-H 'sec-ch-ua-platform: "Linux"' \

-H 'Accept: */*' \

-H 'Origin: https://as100.cymmetri.in' \

-H 'Sec-Fetch-Site: same-origin' \

-H 'Sec-Fetch-Mode: cors' \

-H 'Sec-Fetch-Dest: empty' \

-H 'Referer: https://as100.cymmetri.in/' \

-H 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \

-H 'Cookie: deviceId=fa83c4b1-7c85-467d-9b46-ffbc70efad97; Correlation=9928D5133AED419CBC01591B56483953; app_73e5c5f8-276b-47bb-a6a5-b6f82a779d79=e689a8da-faa7-46f5-9c7a-2800abdd206a; device=cf7bbf2a-161c-11ec-b3ec-39287c680726' \

--data-raw '{"password":"U2FsdGVkX191zbRQpSQz+rdxyAacEqD1G5Mx5wKtPV5ElwKZu7/TFHFLuCNH+v63G8k7sTFDa5gNYG9SQ+0ix4eZdTvLcJbELGm2yjUWjx2a6jH3JnP/USl2efCC9nDvufmqUhSbIPA0Nc1PZUqM+PPk+TpCFSoKtKwBPWeBa/LYjlYt11u++aTuVGsd/rOaWJxqINPRHIk6Ax89LfhM8+H6VKc4+ybfearoCJgHWCPE/X566hiYZJEKcMGe7u0OpUzGUMlyguBtfYlWlT7tcdP6x/rXlqs8vNTLk/HboYLv10UkB0ifsQ64c7fSQ/ofZKjQlqehpP4+SzIi4OiqRQikP9MOkKZWl9YJdGXZs+mUuzfEs9UGINMYBk1hSCq6xGb9mfE0vyFeVAyY/6oGgQ==","login":"totp","userId":"6214def0a251e06721ed8594"}' \

--compressed

Sample Response:

On success:

{"success":true,"data":null,"timestamp":"11-Mar-2022 01:40:38","message":null,"errorCode":null}

On failure:

Response 1#

{"success":false,"data":null,"timestamp":"11-Mar-2022 01:39:40","message":null,"errorCode":"AUTHSRVC.PASSWORD_COMPOSITION_RULE_VIOLATION"}

RESTful API – New Application count API (7 days)

Purpose: This API is used to get count of application

URL: http://<tenant_url>/api/selfservice/newApplicationsCount

Method: GET

Example Request:

curl --location --request GET 'http://localhost:8080/api/selfservice/newApplicationsCount' \

--header 'Connection: keep-alive' \

--header 'Pragma: no-cache' \

--header 'Cache-Control: no-cache' \

--header 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"' \

--header 'Accept: application/json' \

--header 'content-type: application/json' \

--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiZ2s0MCIsImV4cCI6MTY0Njc0OTkzMiwidXNlcklkIjoiNjE3MDE1YTNjMDQ4MTc1NmI3OThhY2EyIiwiaWF0IjoxNjQ2NzQzOTMyfQ.puFKgrNoHZtRl6P4LxzFd9KQM_-EB-45DqqP4zywws8' \

--header 'sec-ch-ua-mobile: ?0' \

--header 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36' \

--header 'sec-ch-ua-platform: "Linux"' \

--header 'Sec-Fetch-Site: same-origin' \

--header 'Sec-Fetch-Mode: cors' \

--header 'Sec-Fetch-Dest: empty' \

--header 'Referer: https://gk40.cymmetri.in/' \

--header 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \

--header 'Cookie: deviceId=6e4caedd-beaf-444c-9312-21b219bb3709; Correlation=B194B86832FB4683ABC43EA6077944E2; app_73e5c5f8-276b-47bb-a6a5-b6f82a779d79=e689a8da-faa7-46f5-9c7a-2800abdd206a; device=41b5bf50-9def-11ec-8665-953ee8af105c; Correlation=1B9449F921B043B9B513E99D253894CE; RefreshToken=b8ada8a1-d089-4a39-b3e1-72c04ce202fe; sessionId=130e95df-69a5-4462-a8b5-c04b53e97e64' \

--header 'Tenant: gk40' \

--header 'userId: 617015a3c0481756b798aca2'

Sample Response:

On success:

{"success": true,"data": 1,"timestamp": "11-Mar-2022 02:13:39","message": null,"errorCode": null}

RESTful API – Campaigns/access review search by campaign name

Purpose: This API is used to get list of campaign

URL: https://<tenant_url>/igsrvc/api/ig/campaign/execution/history/list-summary/reviewer

Method: POST

Example Request:

curl --location --request POST 'https://gk40.cymmetri.in/igsrvc/api/ig/campaign/execution/history/list-summary/reviewer' \

--header 'Connection: keep-alive' \

--header 'Pragma: no-cache' \

--header 'Cache-Control: no-cache' \

--header 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"' \

--header 'Accept: application/json' \

--header 'content-type: application/json' \

--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiZ2s0MCIsImV4cCI6MTY0NzAxNDY2NywidXNlcklkIjoiNjE3MDE1YTNjMDQ4MTc1NmI3OThhY2EyIiwiaWF0IjoxNjQ3MDA4NjY3fQ.jP2BgjiOVUcdxhImVvdwy18puEylWSSOVHnWA_2hhJU' \

--header 'sec-ch-ua-mobile: ?0' \

--header 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36' \

--header 'sec-ch-ua-platform: "Linux"' \

--header 'Origin: https://gk40.cymmetri.in' \

--header 'Sec-Fetch-Site: same-origin' \

--header 'Sec-Fetch-Mode: cors' \

--header 'Sec-Fetch-Dest: empty' \

--header 'Referer: https://gk40.cymmetri.in/' \

--header 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \

--header 'Cookie: deviceId=6e4caedd-beaf-444c-9312-21b219bb3709; Correlation=B194B86832FB4683ABC43EA6077944E2; Correlation=C27A4466A21046309B58FD53AEF4A2C5; RefreshToken=4ec80313-bed3-44e5-9081-33eb9ba301f2; sessionId=32ceee83-781e-45d6-9c2c-2acc8741a944' \

--data-raw '{

"filter": {

"campaignName": "Campaign For"

"keyword": "",

"pageNumber": 0,

"pageSize": 10,

"sortDirection": "ASC",

"sortOn": [

"startDate"

]

Sample Response:

On success:

{

"data": {

"content": [

{

"executionId": "61a865c69c60c83eb2d2cf0e",

"name": "Campaign For Bug_w8z89q",

"description": "",

"campaignId": "61a8657c9c60c83eb2d2cf0c",

"revision": 1,

"iteration": 1,

"status": "COMPLETED",

"remarks": "",

"startMode": "MANUAL",

"startDate": "2021-12-02",

"endMode": "MANUAL",

"endDate": "2021-12-02",

"plannedEnd": "2021-12-05",

"totalAssignments": 41,

"pendingAssignments": 41,

"approvedAssignments": 0,

"rejectedAssignments": 0

},

{

"executionId": "6225c00ab21ac3024d5a1d91",

"name": "Campaign For Bug_w8z89q",

"description": "",

"campaignId": "61a8657c9c60c83eb2d2cf0c",

"revision": 1,

"iteration": 2,

"status": "COMPLETED",

"remarks": "",

"startMode": "MANUAL",

"startDate": "2022-03-07",

"endMode": "AUTO",

"endDate": "2022-03-10",

"plannedEnd": "2022-03-10",

"totalAssignments": 40,

"pendingAssignments": 40,

"approvedAssignments": 0,

"rejectedAssignments": 0

}

],

"pageable": {

"sort": [

{

"direction": "ASC",

"property": "startDate",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": true,

"descending": false

}

],

"pageNumber": 0,

"pageSize": 10,

"offset": 0,

"paged": true,

"unpaged": false

},

"totalPages": 1,

"totalElements": 2,

"last": true,

"first": true,

"sort": [

{

"direction": "ASC",

"property": "startDate",

"ignoreCase": false,

"nullHandling": "NATIVE",

"ascending": true,

"descending": false

}

],

"numberOfElements": 2,

"size": 10,

"number": 0,

"empty": false

},

"errorCode": null,

"message": null,

"success": true,

"timestamp": "11-Mar-2022 02:38:11"

}

API Response Codes

API

Status

Error Code

Message

Create API

200

500

Internal Server Error

401

Unauthorized

403

Forbidden

404

Not Found

Update API

200

500

Internal Server Error

401

Unauthorized

403

Forbidden

404

Not Found

3.1.6

Getting Started

What is Cymmetri?

What is Cymmetri?

Release Notes

3.0.1-Beta

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

Fixes

Known Bug

3.0.2-Beta

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

Fixes

Known Bugs

3.0.3-Beta

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

Fixes

Known Bugs

3.0.4-Beta

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

Fixes

Known Bugs

3.0.5-Beta

3.0.6-Beta

New Features

Fixes

Known Bugs

3.0.7-Beta

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

Fixes

Known Bugs

3.0.8-Beta

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

Fixes

Known Bugs

3.0.9-Beta

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

Fixes

Known Bugs

3.0.10-Beta

New Features

Fixes

Known Bugs

3.0.11-Beta

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

Fixes

Known Bugs

3.0.12-Beta

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

Fixes

Known Bugs

3.1.0 - Product Release

New Features

Fixes

Known Bugs

3.1.1-Beta

New Features

Fixes

Known Bugs

3.1.2 - Product Release

New Features

Fixes

Known Bugs

3.1.3-Beta

New Features

Fixes

Known Bugs

3.1.4-Beta

New Feature

Fixes

Known Bugs

3.1.5-Beta

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.

To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.