Review request items (End user UI)
When an end user submits an access request, designated owners (approvers) must grant approval for the provisioning of resources.
The items on which approvers review and make decisions are referred to as request items.
Approvers review and make decisions on items referred to as request items in the Advanced Identity Cloud end-user UI. For more information, refer to End-user pages.
Sign on to the Advanced Identity Cloud end-user UI and navigate to Inbox > Approvals.
-
1 Click Inbox > Approvals from the Advanced Identity Cloud end-user UI to display the access requests landing page.
-
2 Filter submitted request items by status:
-
Pending — The items are pending review.
-
Completed — The approver reviewed the items and made a decision (approve or reject).
-
-
3 Click Sort By, and sort the items by an attribute in ascending or descending order.
-
4 Click Show Filters to filter by attributes or priority. An end user sets the priority when they create the access request.
-
5 Click on the item to view the details of the request.
Access request types
End users and managers can submit different access request types, such as removing and adding access requests.
The access request type breaks out the request items displayed to approvers.
The following table describes the access request types:
Access request type | Description |
---|---|
Grant Application |
End user requests access to an application. |
Remove Application |
End user’s manager requests to remove an application from an end user. |
Grant Role |
End user requests access to an Advanced Identity Cloud provisioning role. |
Remove Role |
End user’s manager requests to remove a role from an end user. |
Grant Entitlement |
End user requests access to an entitlement (an additional privilege inside an application). |
Remove Entitlement |
End user’s manager requests to remove an entitlement from an end user. |
The access request type is indicated at the top of each request item. |
When end users enter an entitlement request, end users will see a warning message if the request results in a Segregation of Duties (SoD) violation.
End users can click View Details to review the entitlements on the Violations Found modal. The end user has the option to click Submit with Violation or Close the modal. |
Approve, reject, or forward a request item
The access request details of a request item include the requested resource(s), justification, and submission date.
Click a request item to view the details and take action, such as approve or reject.
Approve item
-
Click the desired item to view the details.
-
Optional. Add a comment to the request:
-
Click the Comments tab, then click + Add Comment.
-
Enter a comment, and then click Add Comment to save it.
-
-
Click Approve.
-
Click Approve again to confirm the approval of the resource.
Identity Governance provisions the resource to the end user.
Reject item
-
Click the desired item to view the details.
-
Optional. Add a comment to the request:
-
Click the Comments tab, then click [.label]# + Add Comment#.
-
Enter a comment, and then click + Add Comment.
-
-
Click Reject.
-
Enter a justification as to why the request is being rejected.
-
Click Reject.
Forward to another user or role
If the owner is unable to make a decision on their assigned access request due to insufficient information or other reasons, they can approve the request item request to one or more users assigned to a specific role.
To forward a request item to another user or role:
-
Click desired request to view the details.
-
Click Forward.
-
Select one of the following:
-
Another user — Forward the item to a single user.
-
Users with assigned role — Forward the item to users in a role.
Every user within the role can make a decision on the item. However, once a decision is reached, the assigned request item is considered complete.
-
-
Select the user or role to assign the item to.
-
Enter a comment as to why the item is being forwarded.
-
Click Forward.