22.2 Requesting Access

To request applications, permissions, or technical role assignments:

1. (Conditional) If administrators have created and assigned business roles:

   1. Select Request > Recommended to view a list of recommended items.

      NOTE:Business role assignments determine these recommended items. If in your environment, Identity Governance administrators have not created and assigned business roles, you might not see any recommended items to request. Assigned technical roles will not be included in the recommended list.

   2. (Optional) Search for specific request items using typeahead search or advanced filters.

   3. Select an item, select from available options, enter a reason, and select Add to request. Repeat this to add more items to your cart.

2. Select Request > Browse. Identity Governance request policies determine who can request access and for what they can request. Also, items already assigned to you will not be available for request and can be viewed on your Current Access page.

   1. (Optional) Select Your Name > My Settings > Enable tile view to view the Application and Technical Roles as tiles.

      NOTE:Once you enable the tile view, you can switch from table to tile view on both request and approval pages.

   2. Select the Permissions, Technical Roles, or Applications boxes or Application or Technical Roles tabs to view respective request items and sort them as needed.

      NOTE:Technical roles enable you to request multiple permissions in a single step. The Application box enables you to request access to applications, whereas the Application tab lists permissions for each application and enables you to request individual permissions even when you cannot request access to the application itself.

   3. Search request items by name, description, or category. Or click the filter icon to search using additional policies and request item attributes such as cost, risk, and owners.

   4. Select the item you want to request, review any SoD violations, enter a reason, and select Add to request.

      NOTE:If Identity Governance warns you of SoD violations, either change your request to resolve the violation or submit the request with the violations for an SoD administrator, SoD policy owner, or SoD or Access Request policy to approve or resolve the violation.

      When you request access to a technical role, Identity Governance will generate requests for the missing permissions of the technical role and also assign the technical role to the user. The badges that display the technical roles will display a green check mark icon if the technical role is already assigned and a yellow warning icon if the technical role is assigned to the user, but the user is missing one or more permissions of the technical role.

3. (Conditional) If you have rights to request on behalf of others:

   1. Select the current user to change for whom you are making the request.

   2. Select an item, enter a reason, and select Add to request. Repeat this to add more items.

   3. (Optional) Select a different user to review and request items for that user.

4. After you have requested items for all users, select the cart to review your choices.

   NOTE:Selecting X next to a request in the shopping cart immediately removes the request from the cart.

   When you review permissions available to request in the tile view, items have the following icons signifying the state of the item. The default table view has columns conveying the same information using check marks.

   Shopping cart

   Item was requested and is in the shopping cart, but the request has not yet been submitted.

   Lock

   Requested item needs approval.

   Clock

   Item was requested and is awaiting fulfillment or approval.

   Check mark

   User already owns the item.

5. Click Submit to submit your requests.