Configuring Email Reminders and Notifications
Setting Global Reminders and Escalation Policies
If an approver assigned to an access request has not taken action on it, you need the ability to automatically remind them that their review is required. If too much time passes, you need to be able to escalate the issue by sending information to someone who can enforce your approval policy.
For API information on how to set these reminders and escalations globally for your IdentityNow site, see Update Access Request Configuration.
- By default, no reminders or escalations are sent.
- If you're making these API calls, you'll need to use one of our supported authentication methods. As a best practice SailPoint recommends using OAuth 2. The endpoint you use must be changed slightly based on the authentication method. For more details, see Authentication.
When the criteria for an escalation has been met, the escalation email is sent to the following people in the system in order:
Approver 2 - Manager of the original approver
Approver 3 - 2nd level manager of the original approver
Fallback Approver - An individual designated by this API to complete the request if all previous approvers fail to meet the deadline
If you define an escalation policy to enforce approvals, it may result in a unique workflow where a request gets escalated to the original person who requested the access, either for themselves or on behalf of someone else, essentially overriding the restriction in place to prevent this from happening.
Reminder and Escalation Schedule
|Day||Action||Escalation or Reminder|
|0||An initial email is generated asking the designated approver to review the request||NA|
|3||An email is sent to the approver after the period defined by daysTillEscalation||First reminder|
|4||An email is sent to the approver||Second reminder|
|5||An email is sent to the approver||Final reminder|
|6||An escalation email is sent to Approver 2||First escalation|
|7||An email is sent to Approver 2||First reminder|
|8||An email is sent to Approver 2||Second reminder|
|9||An email is sent to Approver 2||Final reminder|
|10||An escalation email is sent to Approver 3||Second escalation|
|11||An email is sent to Approver 3||First reminder|
|12||An email is sent to Approver 3||Second reminder|
|13||An email is sent to Approver 3||Final reminder|
|14||An escalation email is sent to the Fallback Approver||Final escalation|
No additional emails are sent after this point and the approval continues to wait for the Fallback Approver indefinitely.
You can customize the emails that users see when requesting, reviewing, or reassigning access requests using the following email templates: