Skip to content

Access Request Decision Email Template

The Access Request Decision email is sent to a user when an access request they made is approved or denied.

Name: Access Request Decision

Subject: Your access request for ${accessProfileName} has been #if($approved)approved#{else}denied#end

Body:

Dear ${user.name},<br/>

    #if(${roleRequestEnabled})
        <p>Your request for the ${requestedObjectName} #if(${requestedObjectType}=="Role") role #elseif(${requestedObjectType}=="Entitlement") entitlement #else access profile #end
        #if($requesterName != $requestedForIdentityName) for ${requestedForIdentityName}#end has been
     #else
        <p>Your request for ${accessProfileName}#if($requesterName != $requestedForIdentityName) for ${requestedForIdentityName}#end has been
     #end
    <b>#if ($approved)<span style="color:green">approved</span>#{else}<span style="color:red">denied</span>#end.</b></p>

    <p>#if(${requestedObjectType}=="Role" && ${accessRequestMetadata} && ${accessRequestMetadata.get("requestContextInformation")}) Requested Dimensions Attributes:#foreach($key in ${accessRequestMetadata.get("requestContextInformation").keySet()})</p>
    <ul><li>${key}:${accessRequestMetadata.get("requestContextInformation").get($key)}</li></ul>#end#end

    #if(${roleRequestEnabled})
        #if($approved && $accessibleItems && $accessibleItems.size() > 0)
            This means #if($requesterName != $requestedForIdentityName) the user now has #else you now have #end access to
            the following:
            #set($sep="")
            #foreach($item in $accessibleItems)
                $sep$item
                #set($sep=", ")
            #end.</p>
        #end
    #end


    #if (!$approved && $reviewerComment)<p>${rejecterName} included the following comment when denying the access: <b>$reviewerComment</b></p>
    #end

    #if ($approved)
        #if ($removeDate)<p>#if($requesterName != $requestedForIdentityName) The user's #else Your #end access to ${requestedObjectName} is scheduled to end on ${removeDate}.</p>
        #end
    #end

    #if (!$approved)
        <p>Please contact ${rejecterName} if you have any questions.</p>
    #end

    <p>
        Thanks,<br/>
        The ${PRODUCT_NAME} Team
    </p>

Attributes

This email template uses version 1 global variables and the following template-specific attributes:

Name Type Description
accessibleItems List A list of items the user can access as a result of their request being approved.
accessProfileName String The access profile that was requested during this access request.
approved Boolean Whether or not the request was approved.
approverName String The display name of the identity that approved the request.
rejecterName User If applicable, the name of the reviewer who rejected this access request.
removeDate String The date on which the access will be removed.
requestedForIdentityName String The name of the user for whom access was requested.
requestedObjectName String The name of item that was requested.
requestedObjectType String The type of item that was requested.
requesterName String The display name of the identity that requested the app.
reviewerComment String The comments the reviewer enters when they deny access, if applicable.
roleRequestEnabled Boolean Whether the role request feature is enabled for a site.
sourceInformation List A list of mapping for account source information in case of multi account request. Map contains the following keys:

- sourceAccountName

- sourceAccountId

- sourceName

Note: This should only be used in case of multiple accounts. Otherwise, this variable will not be populated.
accessRequestMetadata Map A map of dimension attributes. Contains both Requested Dimension attributes and Matched Dimension attributes. By default, we show Requested Dimension Attributes. To use the Matched Dimension Attributes, please take reference on how requested attributes are used. Use the key “matchedRolesInformation”

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.