Access request (created via Service Catalog) tracking in IdentityNow

When an access request (ticket) is created in ServiceNow Catalog and the default manager approval is completed, ServiceNow sends it to IdentityNow for further processing.

IdentityNow receives the ticket and it starts processing the same. Say, we have an approval required (it can be Access profile owner approval, role owner approval or governance group approval etc) but the approver fails to approve the request on time and request is in pending state and the ServiceNow ticket is in “Work in Progress” state (in RITM level).

Now, how can a helpdesk team track the pending request in IdentityNow? Which information can be used from ServiceNow ticket that helpdesk can use to track the access request in IdentityNow?

Hi Shubham,

Here is what you can do today. You can use the list pending access requests endpoint to create a report of all access requests that are in the pending state. You can apply a filter to this endpoint to only show pending approvals that haven’t been “touched” since a particular date. For example:

https://{tenant}.api.identitynow.com/v3/access-request-approvals/pending?filters=modified < "2022-05-20T20:22:28.104Z".

I have an open ticket with the engineering team to enhance our Access Request API to provide better filtering mechanisms to make this use case possible. The submit access request endpoint has a field called clientMetadata, where you can store any key/value you want. You can add the service now ticket ID to the access request when you submit it. However, the GET endpoints for access requests don’t return the clientMetadata, and there is no filter parameter to be able to filter down the list of requests based on data you put in clientMetadata. I am working with engineering to get them to add clientMetadata to the GET endpoints as well as provide the ability to filter requests based on data inside clientMetadata.