You can easily get access to the systems and apps you need using Access Requests. Request the apps and business roles you need, and an approval process kicks off automatically. You can even request access for others, to help onboard new team members or new business tools quickly.
Apps: Add apps to your Launchpad to use them as bookmarks, or to use IdentityNow to automatically sign you in to those sites. Your Launchpad might be pre-populated with a number of apps provisioned by IT, but you can add new apps to your Launchpad by requesting them from any desktop or mobile device. When the request is approved, the app appears on your Launchpad.
Roles: You'll likely need to obtain many different kinds of access to be able to do your job. If you don't have the access you need immediately, a way to get started quickly is to request a role, which is a bundle of access that can be granted to an employee or group of employees if your company has Provisioning enabled in IdentityNow. Roles grant specific access relevant to each position within a company.
When you request an app or a role, your request is reviewed by others assigned to review requests for that access. All reviewers must approve the access before it's granted to you. You will receive an email when your request is approved or denied.
Sign in to IdentityNow and go to the Request Center.
Use the Applications and Roles tabs to request what you need:
- To request an app, review the apps available on the Applications tab to find the app you want to request. Click an app's card to view more details about the app in the sidebar.
- To request a role, click the Roles tab and use the Search bar to find the role you want to request. To see details about a role, you can click its card.
Click Request, either in the corner of the card or in the details menu.
If you're requesting an app, under Access Profiles, select the radio button for the specific app you want. (You can only request one access profile at a time).
Some apps have many requestable access profiles. If needed, type the name or description of the access profile in the search bar to find it within the list.
You are not required to select an access profile when requesting roles.
Apps cannot be requested on behalf of others, but the access profiles within them can.
In the menu on the right, under Requesting For, select Myself or Others depending on who the access is for.
If you are requesting for others, enter their name(s) using the drop-down.
Add comments about the request to help reviewers determine that it's needed.
If you want the access to be automatically removed, you have the option to select an expiration date.
Click Submit. Your request for the highlighted access profiles is submitted and a confirmation message is displayed.
You will receive an email when your access request is approved or denied, which may take several days. If your request is denied, contact the person who denied the request for more information.
To see the requests you've made, as well as the comments on those requests, click the My Requests tab at the top of the Request Center.
If your request displays a warning icon, granting this request might result in a violation to one or more of your company's policies. No action is required on your part, but consider canceling the request if it isn't urgent.
- In some cases, when your access request is approved, you might receive access to more than one app if access to the app is controlled by the same access profile you were granted
- If you accidentally remove an app from your Launchpad and want it back, request access to it and it will reappear on your Launchpad when the access is granted.
- If you are granted a role but later find that you can no longer perform the role's functions, an administrator may have revoked your access. You can request the role again, or you contact your administrator for details on why the role was revoked.
- If you are part of the approval chain, whether as an individual reviewer or as part of a governance group, your approval step may be delegated to your manager or an IdentityNow administrator.
- As an individual reviewer, your approval step may also be auto-approved if that auto-approval has been configured for your org. Access requests assigned to a governance group cannot be auto-approved.
- If your request has an expiration date and is not approved until after the expiration date has passed, the access will not be granted but your request will appear to be complete.
- Requestable items that do not require approvals will not be evaluated for SOD violations.