Access Request Violations Options
For access requests that generate policy violations, IdentityIQ can be configured to:
Reject and Cancel Requests with Policy Violations
If you submit an access request that results in a policy violation and IdentityIQ is configured to reject any requests with policy violations, the request fails and is canceled. You can navigate to the Manage User Access page and create a new request.
Reject Requests with Policy Violations – Interactive
If you submit an access request that results in a policy violation and IdentityIQ is configured to reject any requests with policy violations, the request fails. If you are notified that the request failed because of a policy violation and you are still on the Manage User Access page, you can:
-
Change the access request
-
Cancel the access request
Allow Requests with Policy Violations – Non-Interactive
If you submit an access request that results in a policy violation and IdentityIQ is configured to allow any requests with policy violations, the request goes through and you are not notified.
Allow Requests with Policy Violations – Interactive
Note: When you continue with an access request with a violation, IdentityIQ can be configured to allow the violation with no user interaction or require users to add a comment or sunset date.
If you submit an access request that results in a policy violation and IdentityIQ is configured to allow requests with policy violations and notify the requester, the request continues. When you are notified of the violation, you can:
-
Change the access request
-
Cancel the access request
-
Continue with the access request