Request access via catalog

This section describes how you can request access to an application or entitlement using the service catalog. The access-request functionality is based on a shopping cart model where users can select items from the service catalog, place them in a cart and then checkout. Upon checkout, OpenIAM will start a workflow where the designated approvers are notified to review the request. If the request is approved, then OpenIAM will provision the access if a connector has been enabled. For a systems where a connector does not exist, then person or group designated to fulfill will be notified.

The steps below describe how you can create a request.

Select a user to create a request

You can create requests in OpenIAM for:

  • Yourself
  • One of your direct reports
  • All other users

The sections below describe how to create a request for each of the above scenarios.

Create a request for yourself

To create a request for yourself, follow the steps below:

  • Login to the self-service portal
  • Select Create Request For Myself from the self-service portal landing page as show in the image below.

Create a request for myself

Selecting this option, will take you the screen shown below.

Select from catalog

  • Select Select from Service Catalog

Create a request for direct report

To create a request for one of your direct reports, follow the steps below:

  • Login to the self-service portal
  • From the menu bar select User Access -> View Direct Reports
  • This will display a list of your direct reports

Create a request for myself

  • Click on the Create request button for the employee that you wish to create a request for. This will present the catalog selection page.

  • Select Select from Service Catalog

Create a request for any user in the system

To create a request for any user that is in the OpenIAM system, follow the steps described below. Note, that this method can also be used for creating a request for a direct report as well.

  • Login to the self-service portal
  • From the header search bar, select Create request

Create a request for myself

  • Next enter the name of the person you would like to create a request for. Enter this value in the field labeled Enter search text. As you type the user name, OpenIAM will start to show matches for this user. Select the user and you will taken directly to the catalog selection page.
  • Select Select from Service Catalog

Create request

Each of the above steps has ended at the same point where service catalog has been selected. Follow the steps below to create a request for the selected user.

  • After selecting the catalog, you will be presented with a list of categories. The categories provide a way for applications and permissions to be organized in a way that is easy for users to find. This is especially important if your company has a large number of applications or services which end-users can request. Select a category to find your application. Categories may also have sub-categories as shown bill down. Drill down till you find your applications.

Catalog categories

  • Select a application or service from the list and then click on Next

Catalog applications linked to a category

Next, you will be presented with a list of entitlements for the selected application. If the selected user has already been entitled to one or more of the entitlements, then they will be greyed out so that you cannot accidentally select them again. If the list of entitlements is large, then you can filter the list by searching for the entitlement. If the entitlement that you are requesting, then it can selected from Access rights drop down next to each entitlement.

Catalog applications linked to a category

  • To select an entitlement, simply click on the Add to cart button. You will see the shopping cart icon in the header being incremented. You can add more than one item.

Catalog applications linked to a category

  • Click on next. You will be taken the Questionnaire. This form serves two purpose:
  1. Defines the duration for which you requesting access.

    Start date is when access will start. The To date is when access will be expire and the system will revoke access.

  2. Provides a business justification for the request. This is captured in the Reason for request field.

OpenIAM allows custom justification questions to be introduced at the application level. If this has been enabled, then you will see additional questions on this form.

  • Click on next and you been take to the preview screen shown below. The preview provides a summary of the request and provide the requestor with an opportunity to review the request before it is submitted.

Request preview

If the request aligns with your expectations, the click on the Submit button. This will start the workflow and the reviewer will be notified of the pending request.

Monitoring a request

After a request has been submitted, you can monitor its progress through the review process using the steps described below.

  • Login to the self-service portal
  • Select My request from the landing page as shown below

Request preview

  • Next, you will see the list of requests which you currently have in progress as shown below. The table provides the following information:
Field nameDescription
Request IDUnique Id for each request in the system
Requestor namePerson who created the request
Request created forPerson for whom the request was created for
Request create dateDate and time the request was created
StatusOn this screen,the status should always be IN-PROGRESS as these are requests which have yet to be completed
Task typeType of request
ApproverCurrent approver that this request is with
DescriptionSummary of the request.

Open request list

  • Click on the Actions button next to the request to view the request details. The example below shows the details of an existing request. You can see the list of approvers and which one has completed the request and when.

Request summary

The review screen also provides a Cancel button. You can use this to cancel a request.