What happens when a user gets assigned a role while already having some access profiles?

When a user is assigned a role while already having some access profiles, the existing access is rolled up into the role. This means that any permissions or access rights that the user already possesses may be considered when determining the overall effect of the newly assigned role. The rolling up of access helps to streamline user permissions and avoids granting redundant or conflicting access.

This aligns with SailPoint Identity Now's approach of managing user access efficiently, so that combined entitlements through roles reflect a comprehensive view of a user's permissions. The identity governance process allows for better management of access rights and minimizes the risk of excessive or conflicting permissions while also ensuring that users maintain the access they need.

In contrast, the options suggesting that access might be discarded, duplicated, or that profiles must be redone do not align with the role-based access control principles and the efficient management strategy within SailPoint Identity Now. By rolling up existing access into the assigned role, the system effectively reduces redundancy and maintains a clear and manageable set of permissions for users.