Solved: Workflow to Approve the Business Role Definition

Chenyang · ‎08-15-2016

Hello IdM Masters,

I wonder it is possible to setup a approval workflow in IdM to approve add/remove privileges to/from a business role?

I know we are able to setup such a workflow in GRC Access Control. Are we able to do the same in IdM?

Thanks,

Chenyang

devaprakash_b · ‎08-15-2016

Hi chenyang,

As suggested by Norman, We need to create an custom entry Type and custom attributes and define a workflow as below

Create custom entry type and custom attributes.
Create a UI task which accepts the Role for which the privileges needs to be added or removed.
when submitted, a request needs to be created of new entry type.
The new request object holds the Role and privileges in form of attributes.
Define the approves based on the Role MX_OWNER/MX_APPROVERS.
Define approval tasks either through event handling tasks for the attributes or link an Ordered task to be executed after submitting the UI task.
Define an attribute which holds the approvers in the request object.
Create an approval task based on the approvers attribute.

We have execeuted a similar workflow by creating an custom entry type and it is working perfectly.

Regards,

DP

normann · ‎08-15-2016

Hi Chenyang,

one approach would be a custom request object. You create a request where you enter the details for the role change and go through a workflow with that request object. After everything is approved you perform the change to the role.

Regards

Norman

Workflow to Approve the Business Role Definition

Accepted Solutions (1)

Accepted Solutions (1)

Answers (1)

Answers (1)

Timeout error: Waiting for screen(s) s_displayDocu...

Re: Data Services nest and unnest produce input ^2...

Moving a part of existing "On-Premise ECC" to "SAP...

Re: Background job status notifications

Re: Data Services nest and unnest produce input ^2...