PingOne Advanced Identity Cloud

Manage pending access requests and request types

Identity Governance has updated its UI pages and added new functionality to manage pending access requests and request types.

There are two main kinds of request types: out-of-the-box and custom. Out-of-the-box refers to the set of default request types, such as:

  • applicationGrant

  • applicationRemove

  • entitlementGrant

  • entitlementRemove

  • roleGrant

  • roleRemove

Custom refers to those request types that you create using the Identity Governance UI or API.

Governance requests page
  • 1 Click to manage request, request types, or settings.

  • 2 Click to display and manage Requests.

  • 3 Click to display and manage Request Types.

  • 4 Click to display and manage Global request type settings.

  • 5 Click to display the status: Pending, Completed, or Canceled requests.

  • 6 Click Request Date to sort the requests by Request Date, Requested For, Priority, or Request ID. Click Descending to sort descending order, or Ascending to sort in ascending order.

  • 7 Click Show Filters to filter by priority, request type, requested for, requester, or request ID.

  • 8 Click to display a request’s details.

  • 9 Click the ellipsis () to View Details, Forward, or Cancel Request.

Request types

The Requests page lets Identity Governance administrators view a list of out-of-the-box and custom request types in a tenant environment, and create custom request types for use in workflows and forms.

Governance requests page to view out-of-the-box and custom request types, role=
  • 1 Click to manage Request Types.

  • 2 Click New Request Type to create a custom request type.

  • 3 Use Search to find a request type.

  • 4 Click a request type to view or edit it.

  • 5 Click the ellipsis () to open a context menu with options to view details of the access request, forward the access request to another user, or cancel the access request. For custom request types, click the ellipsis () to edit or delete the request type.

Steps

  1. In the Advanced Identity Cloud login UI, click Governance > Requests.

  2. On the Requests page, click the Request Types tab.

    1. View the list of out-of-the-box and custom request types.

    2. Click ellipsis () > Edit the out-of-the-box request type. If the request type is custom, you have the option to Edit or Delete it.

  3. Click New Request Type to create a custom request type.

    1. On the New Request Type modal, enter the following:

      Field Description

      Name

      Enter a descriptive name for your form.

      Description (optional)

      Enter a general description for your form.

      Workflow

      Select a workflow to associate with the custom request type.

      Enable validation

      (Optional) Click to enable validation for the custom request type, and then enter your validation script.

      Validation scripts for out-of-the-box request types are view-only. Validation scripts for custom request types are editable.

    2. Click Save.

  4. On the Request Type Details page, click the Properties tab.

    1. Click New Property.

    2. On the New Property modal, enter the following:

      Field Description

      Name

      Enter a descriptive name for the property.

      Label

      Enter a human-readable label for the property.

      Type

      Select a property type. Options are:

      • String

      • Number

      • Boolean

      • Object

      Multi-valued

      Click if the property is multi-valued.

      Required

      Click if you want the property to be required.

    3. Click Save.

    4. Repeat the steps to add another property.

Governance global request settings

The Settings tab on the Requests page lets Identity Governance administrators view and edit global request settings tab.

Governance request settings page

  • 1 Click to view Global request settings.

  • 2 Click to enable or disable any request settings.

  • 3 Select the default role for the approver.

Steps

  1. In the Advanced Identity Cloud login UI, click Governance > Requests.

  2. On the Requests page, click the Settings tab.

  3. Click any of the following settings:

    Property Type

    Require Request Justification

    Boolean

    Require Reject Justification

    Boolean

    Require Approve Justification

    Boolean

    Allow Self Approval

    Boolean

    Default Approver

    Managed role approver

    Allow Request With Violation

    Boolean

    Require Request Justification With Violation

    Boolean

    Enable Scoping

    Boolean

  4. On the Default Approver Role, select a default role for the approver.

  5. Click Save.