Skip to content

Requesting access removal

As a manager, you may need to request the removal of a team member’s access to an access profile or role. For example, your team member may be switching to a different team or project and no longer requires that access. You can submit a request to remove their identity’s access to a specific access profile or role.

Notes

You cannot submit access removal requests for the following:

  • Roles granted by membership criteria.
  • Access profiles granted through role membership.

If removed, these roles and access profiles are automatically reassigned upon nightly refresh. Refer to Automating Role Assignment for more information.

To request access removal:

  1. From your Dashboard, select My Team.

  2. Select an identity from the list of your team members.

    List of team members. The Roles tab displays 5 granted roles, who they were granted by, and with no removal requests allowed.

  3. On the identity’s details page, select the Roles or Access Profiles tab, depending on the type of access you want to remove.

  4. Select Request Removal in the Removal Requests Allowed column for the item you want to request to remove access for.

    List of access profiles, their source, description, and options to select whether a removal request is allowed.

    Note

    You cannot submit removal request for items with a No in the Removal Requests Allowed? column. If you removed this access, it would automatically be reassigned upon nightly refresh.

  5. In the Revoke Access window, enter a comment explaining why this access should be removed. Removal requests require comments.

    Revoke Access panel with a mandatory comment box.

  6. Select Submit to submit your access removal request.

If the request doesn't require approval, the identity’s access removal will be triggered. If the request requires approval, the request will be sent to a reviewer. You’ll receive an email when they have approved or denied your request.