Hi, I have provisioning roles named RF.xxxxx, and I want to implement a xpress policy to avoid in Identity Manager to request more thatn two RF.xxxx roles. I'm configuring the xpress policy but I only get provisioning roles that the user has, I use the attributes changed for userprovisioningroles for UI in xpress policy but doesn't work, always return false.
There is a rule in xpress policy that can get me the provisioning roles that I requested in the task that I can use in validate before submission step of the task?. I'm using CA Identity Minder 12.6 sp 6, I don't know if this behavior has fixed or which is the exact policy that I need to configure.
thanks