Request to remove access
Managers can remove access from their direct reports through a remove access request for accounts (applications), roles, and entitlements.
When a manager submits the remove access request, the approver(s) of the resource approve or reject the remove access request.
To submit a remove access request:
-
Sign on as an end user and navigate to My Directory > Direct Reports.
Learn more in direct reports.
-
Click any of the following tabs:
-
Accounts (applications)
-
Entitlements
-
Roles: For roles, if the Assignment column has the value of
rule-based, you can’t request to revoke the role. Rule-based indicates that the role is assigned to a user if a specified condition is met.
-
-
Click the ellipsis icon () next to the desired resource, and click Revoke.
-
Next, fill out the following fields:
-
Justification: Enter a reason for revoking access to the selected resources.
-
Priority: Select one of the following:
The priority levels don’t affect how Identity Governance processes requests. your company determines the value assigned to the request. -
Low
-
Medium
-
High
-
-
Apply Expiration Date: Optional. Expire (cancel) the remove access request if the approver(s) haven’t approved or rejected it by the specified date.
-
-
Click Submit Request.