Next and Create buttons are grayed out when creating a new "Request for self" in Identity Governance 7.1.x
The purpose of this article is to provide assistance if a user is unable to create a "Request for self" request in Identity Governance because the Next and Create buttons are grayed out. This issue only occurs when IDM is integrated with AM.
Symptoms
When trying to create an Access Request in Identity Governance, the Next and Create buttons are grayed out when selecting "Request for self". This prevents users from submitting an Access Request for themselves (Self-Request).
Access Requests can be created for other users (using the "Request for other users" option) even if you select yourself as the user.
Recent Changes
N/A
Causes
When IDM is integrated with AM, users are located using the _id attribute of the user instead of their username.
The query in Identity Governance uses the sw (startsWIth) operator to find a user, which does not work with the _id attribute. As a result, the user cannot be found, which prevents the request from proceeding.
Solution
This issue can be resolved as follows:
- Add the following two lines to the
getUsersByQueryString
method in the userUtils.js file in /path/to/idm/script/access-request/utils:var query_filter_eq = qf.isIdIn(terms) var query_filter = qf.or([query_filter_eq,query_filter_sw])
The updated method should now look like this:function getUsersByQueryString(query_string, queryParams) { var terms = __.splitString(query_string, /\s+/); var search_keys = commonUtils.getSettingValueById('userSearchProperties'); var query_filter_sw = qf.allSwIn(terms, search_keys); var query_filter_eq = qf.isIdIn(terms) var query_filter = qf.or([query_filter_eq,query_filter_sw]) var extendedQueryParams = __.extended(queryParams, { _queryFilter: query_filter, }); var users = queryUsers(extendedQueryParams); return users; }
- Save the userUtils.js file. You do not need to restart IDM to apply these changes.
The user should now be able to successfully create a "Request for self" Access Request