Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Entitlement management "target" info not reflecting information in Azure AD after change

Brass Contributor

I changed the user's displayname in AAD and then I noticed when I extracted user info from the Entitlement Management API using:

 

https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentReq...}?$expand=accessPackageAssignment($expand=target)

 

That the target displayname there is still showing the older one. I have waited a couple of hours but nothing has changed. I'm starting to assume that Entitle Management caches some meta data itself but how long would it take before this change would be reflected back to EM. Does anyone know the syncing schedule perhaps on this?

3 Replies
I find it strange we're supposed to set a displayName in the API in the first place. It makes me think it's not synced at all, but just stored as part of the static identity governance configuration.
Yes I noticed EM has its own cached data. In fact they added a preview button to "refresh" some data in the catalog because even for group name changes the data gets cached and would show the old name instead.
I don't think its limited to entitlement management either. What I was saying above was that when you define various objects, such as access reviews, you have to supply the displayname and the guid of the user yourself. I don't know that its really a cache that ever refreshes...