Saviynt Certified Advanced IGA Professional (Level 200) SCAIP Exam Questions

Answer : B

The correct answer is B. REST Connector. Saviynt documentation explains that REST integration is intended for applications whose data and lifecycle actions are available through REST endpoints. It states that the REST integration enables organizations to gain visibility, manage the user lifecycle, and govern access for data available in the REST application or REST endpoint. That directly matches the question, which requires imports plus provisioning and deprovisioning for an API-driven target system.

Saviynt's REST connector documentation also notes that provisioning and deprovisioning are supported when the connection is configured correctly. This makes the REST connector the standard choice when the target system does not use an out-of-the-box native connector but does provide usable REST APIs. The other options do not fit the requirement. Active Directory Connector is specific to AD use cases, SMTP Configuration is only for email delivery, and Dataset Configuration is an administrative data-structuring feature rather than an application integration method. In Saviynt Level 200 terms, when an application is API-first and lifecycle actions must be automated, the REST connector is the appropriate design decision.

Answer : B, C

In Saviynt--ServiceNow integration, the synchronization ofRITM (Request Item) statusbetween Saviynt and ServiceNow is handled through bothmanual and automated mechanisms.

Option B is correct because users or administrators can manuallyclick the Refresh button on the RITM page in ServiceNowto immediately fetch the latest status from Saviynt. This is useful for real-time validation when monitoring request progress.

Option C is also correct as ServiceNow includes aRequest Item History Job, which runs periodically (commonly every minute) to automatically sync and update the RITM status based on the latest state in Saviynt. This ensures near real-time consistency between both systems without manual intervention.

Option A is incorrect because Postman API calls are not a standard or supported operational method for end users to refresh RITM status. Option D is unrelated, as regenerating catalog items does not impact ticket status synchronization.

Thus, the correct answers aremanual refresh and automated job-based synchronization.

Answer : B

The correct answer is B. Technical Rule. Saviynt documentation clearly states that a Technical Rule is primarily used to provision birthright access, also referred to as zero-day provisioning, to users joining the organization based on specified conditions. This is one of the most important distinctions in the Rules and Policies section of the Level 200 syllabus. Technical Rules are intended for automated access assignment logic, especially where access must be granted immediately when user attributes match business conditions such as department, location, or cost center.

The other options are not correct for this use case. User Update Rules are generally used to take actions when user records change and can support lifecycle events, but the documentation identifies Technical Rules as the primary mechanism for birthright provisioning. Scan Rules are used for detection and policy-based scanning use cases, not default access assignment. SAV Role controls platform authorization inside Saviynt rather than provisioning target application access. Saviynt also documents that entitlement assignments in a Birthright Rule can be parameterized using user attributes, which reinforces that Technical Rules are the intended framework for this type of zero-day access automation.

Answer : D

Saviynt EIC provides multiple flexible integration options with ServiceNow to support different business and operational use cases. Therefore,Option D (All of the above)is correct.

ServiceNow as a Managed Application (Option A)allows Saviynt to treat ServiceNow like any other application, enabling account provisioning, deprovisioning, and access governance directly within ServiceNow using REST connectors.

ServiceNow as a Request Form (Option B)enables organizations to leverage ServiceNow's front-end portal for access requests. Users can initiate requests in ServiceNow, which are then processed and fulfilled by Saviynt, ensuring seamless user experience while maintaining governance.

ServiceNow as a Ticketing System (ITSM) (Option C)is another key integration pattern where Saviynt generates tickets (incidents, requests, or tasks) in ServiceNow for approval workflows, provisioning actions, or tracking purposes. This ensures alignment with enterprise ITSM processes.

These multiple integration models provide flexibility, allowing organizations to choose the approach that best fits their operational and governance requirements.

Answer : C

In Saviynt EIC, generating anAuthorization Tokenfor API access is performed using theHTTP POST method. This is aligned with standard REST API authentication practices, where sensitive information such as credentials (username, password, client ID, or client secret) is securely transmitted in the request body rather than in the URL.

Saviynt provides API endpoints (such as/ECM/api/login) that require aPOST requestcontaining authentication details in JSON format. Upon successful authentication, the system returns asession token or authorization token, which is then used in subsequent API calls (typically passed in headers likeAuthorizationortoken).

Option A (PUT) and Option B (GET) are not suitable for authentication token generation. GET exposes parameters in the URL and is not secure for credential transmission, while PUT is typically used for updating resources. Option D (GIVE) is not a valid HTTP method.

Therefore, POST is the correct and secure method used in Saviynt APIs forauthentication and token generation, ensuring compliance with RESTful and security best practices.

Answer : A

In Saviynt EIC, when configuringdynamic attributes or custom forms, system variables are used to fetch context-specific data such as the currently logged-in user. To retrieve theDisplay Name of the logged-in user, the correct variable is${loggedInUser}, which directly represents the userkey of the active session user.

Option A correctly uses this variable in the SQL query to fetch the DISPLAYNAME from the Users table. This ensures that the attribute dynamically reflects the logged-in user's display name at runtime.

Option B is incorrect because${user.id}typically refers to the target user in a request context, not necessarily the logged-in user. Option C (${requestor}) may represent the requester in certain workflows but is not consistently equivalent to the logged-in user in all scenarios, especially in delegated or admin-driven requests.

Therefore, Option A is the most accurate and reliable approach for retrieving the logged-in user's display name in Saviynt configurations, ensuring proper context-aware data population.

Answer : C

In Saviynt EIC integration with ServiceNow as a ticketing system (ITSM), various JSON configurations are used to define how tickets are created, updated, and tracked. To enable users tocheck the status of tickets from EIC, the correct configuration isTICKETSTATUSJSON.

TICKETSTATUSJSONis specifically used to define how Saviynt retrieves the current status of a ticket from ServiceNow. It maps the API response fields from ServiceNow (such as state, status, or resolution) to Saviynt fields, allowing the system to display real-time ticket status within the EIC interface.

Option A (SYNCTICKETSTATUSJSON) is typically used for synchronization jobs that update ticket statuses in bulk, not for direct user-level status retrieval. Option B (CREATETICKETJSON) is used only for ticket creation, defining how requests are sent to ServiceNow. Option D is incorrect because Saviynt does support ticket status tracking through proper integration configuration.

Thus,TICKETSTATUSJSONis the correct option to enable visibility of ticket status within Saviynt EIC.