Generic Approval Definition
Approval flexibility requires a definition for each object to apply the approval rules. Often, organizations apply the same rule for an object type with a few exceptions. This section shows how Admins can create generic definitions that can be applied to all objects of a type.
Note
Any definition for an object, if defined, will be executed ignoring the generic definition for that object.
How to set up generic approval definition
-
Go to SailPoint Identity Security Cloud for Service Catalog > Setup. To enable Generic Approvals, select Yes for the Generic Approval Definition Enabled (Applicable if Configurable Approvals selected for Approval Flow) option.
-
Create approval rules to be defined for generic definitions. For more information, refer to Approval Flexibility.
-
It is suggested to add text in the description to easily identify the purpose of these rules. For example, Generic Rule provided by SailPoint.
-
-
Create approval definitions. For more information, refer to Approval Flexibility. Regarding generic definitions, use only the following naming process. Generic approval definitions are recognized only by the EXACT match of the name.
-
The generic ROLE definition should have the name SAILPOINT DEFAULT ROLE DEFINITION.
-
The generic ACCESS PROFILES definition should have the name SAILPOINT DEFAULT ACCESS PROFILE DEFINITION.
-
The generic ENTITLEMENT definition should have the name SAILPOINT DEFAULT ENTITLEMENT DEFINITION.
-
Create multiple definitions with the same name for serial and parallel definitions. The Order column must be used to define the sequence.
-
Screenshot
