Access Request Decision trigger

Manju22 · September 17, 2022, 4:57pm

What could be the trigger for the “Access Request Decision” in the workflow?

I want to filter the access requests approved or denied only for the selected source. If the particular source-related access request is approved, I want to send a custom email.

colin_mckibben · September 19, 2022, 1:41pm

The Access Request Decision trigger is documented here. This trigger will send the following payload to the workflow:

{
  "accessRequestId": "2c91808b6ef1d43e016efba0ce470904",
  "requestedFor": {
    "type": "IDENTITY",
    "id": "2c91808568c529c60168cca6f90c1313",
    "name": "William Wilson"
  },
  "requestedItemsStatus": [
    {
      "id": "2c91808b6ef1d43e016efba0ce470904",
      "name": "Engineering Access",
      "description": "Access to engineering database",
      "type": "ACCESS_PROFILE",
      "operation": "Add",
      "comment": "William needs this access to do his job.",
      "clientMetadata": {
        "applicationName": "My application"
      },
      "approvalInfo": [
        {
          "approvalComment": "This access looks good.  Approved.",
          "approvalDecision": "APPROVED",
          "approverName": "Stephen.Austin",
          "approver": {
            "type": "IDENTITY",
            "id": "2c91808568c529c60168cca6f90c1313",
            "name": "William Wilson"
          }
        }
      ]
    }
  ],
  "requestedBy": {
    "type": "IDENTITY",
    "id": "2c91808568c529c60168cca6f90c1313",
    "name": "William Wilson"
  }
}

The sourceId is not included in the payload, so there is no way to filter out events based on the source of the access. There is a way to get the sourceId for access requests and then do a comparison operator to filter out any requests that don’t match the target source, but it will require loops and variable insertion, which are not yet available in Workflows.

NMcGary76 · November 9, 2022, 4:38pm

Is there a clear answer on what the actual Json looks like in the “Access Request Decision” box? I have read through the document posted below and it provide no insight. It would be helpful to know that small detail.

colin_mckibben · November 11, 2022, 4:09pm

Welcome to the developer community Nicole.

The text area on each trigger is for a JSONpath filter expression. You might find it helpful to read up on trigger filters here: Filtering Events | SailPoint Developer Community. You have to look at what the payload of a trigger will be in order to understand what fields are available to filter on.

Here is an example filter expression to only send Access Request Decision events that contain an access item with a specific name.

$.requestedItemsStatus[?(@.name == "Engineering Access")]

colin_mckibben · February 16, 2023, 1:56pm

A post was split to a new topic: Filter event trigger on more than one item

Topic		Replies	Views
Filter on source for Access Request Decision trigger ISC Discussion and Questions workflows , identity-security-cloud	4	131	March 11, 2024
Workflows Trigger - Access Request Decision ISC Discussion and Questions workflows , identity-security-cloud	1	199	December 24, 2023
Workflow Trigger Condition error ISC Discussion and Questions workflows , event-triggers	6	500	July 19, 2023
Workflow error while using a filter option ISC Discussion and Questions workflows	2	378	July 19, 2023
Trigger an email to the Requestor and the Requested for once an access has been granted ISC Discussion and Questions workflows , notifications	4	742	July 19, 2023

Access Request Decision trigger

Related Topics