Requesting access removal
As a manager, you may need to request the removal of a team member’s access to an access profile or role. For example, your team member may be switching to a different team or project and no longer requires that access. You can submit a request to remove their identity’s access to a specific access profile or role.
Notes
You cannot submit access removal requests for the following:
- Roles granted by membership criteria.
- Access profiles granted through role membership.
If removed, these roles and access profiles are automatically reassigned upon nightly refresh. Refer to Automating Role Assignment for more information.
To request access removal:
- From your Dashboard, select My Team.
-
Select an identity from the list of your team members.
-
On the identity’s details page, select the Roles or Access Profiles tab, depending on the type of access you want to remove.
-
Select Request Removal in the Removal Requests Allowed column for the item you want to request to remove access for.
Note
You cannot submit removal request for items with a No in the Removal Requests Allowed? column. If you removed this access, it would automatically be reassigned upon nightly refresh.
-
In the Revoke Access window, enter a comment explaining why this access should be removed. Removal requests require comments.
-
Select Submit to submit your access removal request.
If the request doesn't require approval, the identity’s access removal will be triggered. If the request requires approval, the request will be sent to a reviewer. You’ll receive an email when they have approved or denied your request.
Documentation Feedback
Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.