If your site has enabled the Access Requests module for IdentityNow, you might sometimes be asked to review users' access. You can then determine whether the access level is appropriate for the user requesting that access.
On each access request card, you can see the following information:
The name of the requested access profile or role.
The date the access was requested.
The name of the user who will receive the access if this request is approved.
Who requested the access (either the recipient themselves or someone else on their behalf).
When you receive an access request, you will receive an email notifying you that you must review access. Follow the link in the email or follow the steps below.
NOTE: If you are a member of a governance group:
If you are added to a group after a request is made, you will not receive that request.
If someone else in the group has already reviewed the access request, it will disappear from your list as only one person per group needs to approve or deny access.
An access request assigned to you or your governance group.
1. Sign into IdentityNow and go to Approvals.
2. Under Requested Items, select the request card. Details about the request will appear on the right side of your screen.
3. Review the following information as required and determine whether the user needs access:
Access Item: The item's Description, Type, Role Owner, and Created date.
Identity: More in depth information about the user requesting the access.
Comments: When applicable, any comments associated with the access request.
4. Select Approve or Deny.
If you approve this access, one of the following things can happen next:
If you are the final review in the queue of users who need to review this access, manual or automated provisioning will begin.
If more users need to review this access, the access request is sent to the next reviewer in the queue.
If the access request has an expiration date and is approved after that date has passed, the access item will not be granted. However, the request process will appear to be complete to the requester.
If you deny the request, the following happens:
The approval process ends. Even if there are multiple reviewers in the queue, only one reviewer needs to deny access.
If a dialog appears asking you for comments, enter the reason you are denying the request. You can enter up to 500 characters. This feature is supported on tablets and desktop devices.
If you believe someone else would be able to review this access better than you, you can reassign the access request to them.
5.. To see access requests you've already approved or denied, select the Reviewed Items tab. Select the original request card to see details or comments from you, the original requester comments, or reassignment related comments. This information is preserved indefinitely.