Feb 02 2023 03:06 AM
We are currently creating an offboarding process with the preview feature “Lifecycle workflows” in Identity Governance panel. We currently have these as tasks when the flow triggers at the attribute employeeleavedate:
Task 1: Disable user
Task2: Remove from all Teams
Task3: Remove from all groups
Task4: Email Manager
The lifecycle workflow runs as it should on the trigger date if the user is not assigned to any groups with roles. For instance, the user can have eligible PIM roles direct and the flow runs successfully, If the user has assigned roles from a group the flow fails with the error “Insufficient privileges to complete the operation.”.
Is this a bug in the workflow?
70% of our users have roles via groups and this means we wont be able to use the life cycle workflow.
Feb 02 2023 01:23 PM
Feb 02 2023 10:15 PM