Request access via catalog
This section describes how you can request access to an application or entitlement using the service catalog. The access-request functionality is based on a shopping cart model where users can select items from the service catalog, place them in a cart and then checkout. Upon checkout, OpenIAM will start a workflow where the designated approvers are notified to review the request. If the request is approved, then OpenIAM will provision the access if a connector has been enabled. For a systems where a connector does not exist, then person or group designated to fulfill will be notified.
The steps below describe how you can create a request.
Select a user to create a request
You can create requests in OpenIAM for:
- Yourself
- One of your direct reports
- All other users
The sections below describe how to create a request for each of the above scenarios.
Create a request for yourself
To create a request for yourself, follow the steps below:
- Login to the self-service portal
- Select
Create Request For Myselffrom the self-service portal landing page as show in the image below.
Selecting this option, will take you the screen shown below.
- Select
Select from Service Catalog
Create a request for direct report
To create a request for one of your direct reports, follow the steps below:
- Login to the self-service portal
- From the menu bar select
User Access -> View Direct Reports - This will display a list of your direct reports
Click on the
Create requestbutton for the employee that you wish to create a request for. This will present the catalog selection page.Select
Select from Service Catalog
Create a request for any user in the system
To create a request for any user that is in the OpenIAM system, follow the steps described below. Note, that this method can also be used for creating a request for a direct report as well.
- Login to the self-service portal
- From the header search bar, select
Create request
- Next enter the name of the person you would like to create a request for. Enter this value in the field labeled
Enter search text. As you type the user name, OpenIAM will start to show matches for this user. Select the user and you will taken directly to the catalog selection page. - Select
Select from Service Catalog
Create request
Each of the above steps has ended at the same point where service catalog has been selected. Follow the steps below to create a request for the selected user.
- After selecting the catalog, you will be presented with a list of categories. The categories provide a way for applications and permissions to be organized in a way that is easy for users to find. This is especially important if your company has a large number of applications or services which end-users can request. Select a category to find your application. Categories may also have sub-categories as shown bill down. Drill down till you find your applications.
- Select a application or service from the list and then click on Next
Next, you will be presented with a list of entitlements for the selected application. If the selected user has already been entitled to one or more of the entitlements, then they will be greyed out so that you cannot accidentally select them again. If the list of entitlements is large, then you can filter the list by searching for the entitlement. If the entitlement that you are requesting, then it can selected from Access rights drop down next to each entitlement.
- To select an entitlement, simply click on the
Add to cartbutton. You will see the shopping cart icon in the header being incremented. You can add more than one item.
- Click on next. You will be taken the
Questionnaire. This form serves two purpose:
Defines the duration for which you requesting access.
Start dateis when access will start. TheTodate is when access will be expire and the system will revoke access.Provides a business justification for the request. This is captured in the
Reason for requestfield.
OpenIAM allows custom justification questions to be introduced at the application level. If this has been enabled, then you will see additional questions on this form.
- Click on next and you been take to the preview screen shown below. The preview provides a summary of the request and provide the requestor with an opportunity to review the request before it is submitted.
If the request aligns with your expectations, the click on the Submit button. This will start the workflow and the reviewer will be notified of the pending request.
Monitoring a request
After a request has been submitted, you can monitor its progress through the review process using the steps described below.
- Login to the self-service portal
- Select
My requestfrom the landing page as shown below
- Next, you will see the list of requests which you currently have in progress as shown below. The table provides the following information:
| Field name | Description |
|---|---|
| Request ID | Unique Id for each request in the system |
| Requestor name | Person who created the request |
| Request created for | Person for whom the request was created for |
| Request create date | Date and time the request was created |
| Status | On this screen,the status should always be IN-PROGRESS as these are requests which have yet to be completed |
| Task type | Type of request |
| Approver | Current approver that this request is with |
| Description | Summary of the request. |
- Click on the
Actionsbutton next to the request to view the request details. The example below shows the details of an existing request. You can see the list of approvers and which one has completed the request and when.
The review screen also provides a Cancel button. You can use this to cancel a request.