Identity Cloud

Review request items

When an end user submits an access request, designated owners (approvers) must grant approval for the provisioning of resources.

The items approvers review and make decisions on are referred to as request items.

Approvers review and make decisions on items referred to as request items in the Identity Cloud End User UI. For more information, refer to End-user pages.

Log in to the Identity Cloud End User UI and navigate to Inbox > Approvals.

governance enduser ui approvals landing page
  • 1 Click Inbox > Approvals from the Identity Cloud End User UI to display the access requests landing page.

  • 2 Filter submitted request items by status:

    • Pending — The items are pending review.

    • Completed — The approver reviewed the items and made a decision (approve or reject).

  • 3 Click Sort By, and sort the items by an attribute in ascending or descending order.

  • 4 Click Show Filters to filter by attributes or priority. An end user sets the priority when they create the access request.

  • 5 Click on the item to view the details of the request.

Access request types

End users and managers can submit different access request types, such as removing and adding access requests.

The access request type breaks out the request items displayed to approvers.

The following table describes the access request types:

Access request type Description

Grant Application

End user requests access to an application.

Remove Application

End user’s manager requests to remove an application from an end user.

Grant Role

End user requests access to an Identity Cloud provisioning role.

Remove Role

End user’s manager requests to remove a role from an end user.

Grant Entitlement

End user requests access to an entitlement (an additional privilege inside an application).

Remove Entitlement

End user’s manager requests to remove an entitlement from an end user.

The access request type is indicated at the top of each request item.

governance enduser ui approvals request type

Approve, reject, or forward a request item

The access request details of a request item include the requested resource(s), justification, and submission date.

Click a request item to view the details and take action, such as approve or reject.

governance enduser ui approvals details page

Approve item

  1. Click the desired item to view the details.

  2. Optional. Add a comment to the request:

    1. Click the Comments tab, then click + Add Comment.

    2. Enter a comment, and then click Add Comment to save it.

  3. Click Approve.

  4. Click Approve again to confirm the approval of the resource.

    Identity Governance provisions the resource to the end user.

Reject item

  1. Click the desired item to view the details.

  2. Optional. Add a comment to the request:

    1. Click the Comments tab, then click [.label]# + Add Comment#.

    2. Enter a comment, and then click + Add Comment.

  3. Click Reject.

  4. Enter a justification as to why the request is being rejected.

  5. Click Reject.

Forward to another user or role

If the owner is unable to make a decision on their assigned access request due to insufficient information or other reasons, they can approve the request item request to one or more users assigned to a specific role.

To forward a request item to another user or role:

  1. Click desired request to view the details.

  2. Click Forward.

  3. Select one of the following:

    • Another user — Forward the item to a single user.

    • Users with assigned role — Forward the item to users in a role.

      Every user within the role can make a decision on the item. However, once a decision is reached, the assigned request item is considered complete.
  4. Select the user or role to assign the item to.

  5. Enter a comment as to why the item is being forwarded.

  6. Click Forward.

Copyright © 2010-2024 ForgeRock, all rights reserved.