Hi team,
We have a requirement to develop a access request form for the entitlements of a specific source and approve/reject the same access request.
Does anyone has any inputs on this?
Thanks
Kalyan
Hi team,
We have a requirement to develop a access request form for the entitlements of a specific source and approve/reject the same access request for the identities in ISC
Does anyone has any inputs on this?
Thanks
Hello @kalyannambi2010 ,
Greetings of the Day!
please check the below document
Let me know for any queries.
Thank You
Mahesh
hi @kalyannambi2010 !
So the requirement here is to request access items of one particular source through form instead of request centre?
Is my understanding correct ?
Hi @sidharth_tarlapally yes correct instead of request centre need develop a access request form for the entitlements of a specific source and approve/reject the same access request for the identities in ISC.
Thanks
Okay!!
This can be accomplished using forms and workflows.
We need to proceed with Interactive Forms .
- Create a form with necessary feilds like , select access items , recipient , date , comments .
- Attach this form to workflow - Using Interactive Trigger and Form
- On this trigger , perform the workflow which should follow submitting a access request using above details.
Please refer these for more understanding:
Hope this helps !
Thanks
Hi @sidharth_tarlapally and @Mahesh_Mukku I have developed a form in which I need to select an entitlement and after submission it should go to manager and application owner approval and after approval it shoule be provisioned onto AD source.
How can we implement the same?
Thanks
Form Object
{
"jwsHeader": null,
"jwsSignature": null,
"version": 1,
"self": {
"type": "FORM_DEFINITION",
"id": "160fb98b-79be-4d18-8218-b9da1a0ddf69",
"name": "Access Request Form"
},
"object": {
"id": "160fb98b-79be-4d18-8218-b9da1a0ddf69",
"name": "Access Request Form",
"description": "",
"owner": {
"type": "IDENTITY",
"id": "f0094611513e4cc28d284a02de9084cc",
"name": "sidharth.tarlapally"
},
"usedBy": [
{
"type": "WORKFLOW",
"id": "fb98ec3a-afde-4cc9-93d2-d2943b123263",
"name": "AD Audit Plus Access Request"
}
],
"formInput": [],
"formElements": [
{
"id": "1162536864156",
"elementType": "SECTION",
"config": {
"alignment": "LEFT",
"description": "",
"formElements": [
{
"config": {
"dataSource": {
"config": {
"objectType": "IDENTITY"
},
"dataSourceType": "INTERNAL"
},
"forceSelect": true,
"helpText": "Who Are You Requesting For?",
"label": "Select Identities",
"maximum": 10,
"placeholder": "Select your Identity if you are requesting for yourself",
"required": true
},
"elementType": "SELECT",
"id": "112880274495",
"key": "selectIdentities",
"validations": [
{
"validationType": "DATA_SOURCE"
},
{
"validationType": "REQUIRED"
}
]
},
{
"config": {
"dataSource": {
"config": {
"aggregationBucketField": "displayName",
"filters": {},
"indices": [
"entitlements"
],
"query": "source.name:\"Active Directory ENHDEV\" AND requestable:true"
},
"dataSourceType": "SEARCH"
},
"forceSelect": true,
"helpText": "",
"label": "Select Entitlements",
"maximum": 30,
"placeholder": "",
"required": true
},
"elementType": "SELECT",
"id": "690230457549",
"key": "selectEntitlements",
"validations": [
{
"validationType": "DATA_SOURCE"
},
{
"validationType": "REQUIRED"
}
]
}
],
"label": "Access Request Form",
"labelStyle": "h2",
"showLabel": true
},
"validations": []
}
],
"formConditions": [
{
"ruleOperator": "AND",
"rules": [
{
"sourceType": "ELEMENT",
"source": "requestingForYou",
"operator": "EQ",
"valueType": "BOOLEAN",
"value": "true"
}
],
"effects": [
{
"effectType": "HIDE",
"config": {
"element": "112880274495"
}
}
]
}
],
"created": "2025-02-27T09:45:22.839531997Z",
"modified": "2025-03-06T11:34:14.265991412Z"
}
}
Workflow Definition
{
"name": "AD Audit Plus Access Request",
"description": "AD Audit Plus Access Request",
"modified": "2025-03-06T11:34:33.50384215Z",
"modifiedBy": {
"type": "IDENTITY",
"id": "2c91808a6ef6818e016f573ca2d80d64",
"name": "H581"
},
"definition": {
"start": "Interactive Form",
"steps": {
"End Step - Success": {
"displayName": "",
"type": "success"
},
"Interactive Form": {
"actionId": "sp:interactive-form",
"attributes": {
"formDefinitionId": "160fb98b-79be-4d18-8218-b9da1a0ddf69",
"interactiveProcessId.$": "$.trigger.interactiveProcessId",
"message": "",
"ownerId.$": "$.trigger.launchedBy.id",
"title": "Access Request"
},
"displayName": "",
"nextStep": "Loop",
"type": "action",
"versionNumber": 1
},
"Loop": {
"actionId": "sp:loop:iterator",
"attributes": {
"context.$": "$.interactiveForm.formData.selectIdentities",
"input.$": "$.interactiveForm.formData.selectEntitlements",
"start": "Get Access",
"steps": {
"End Step - Success 2": {
"displayName": "",
"type": "success"
},
"Get Access": {
"actionId": "sp:access:get",
"attributes": {
"accessprofiles": false,
"entitlements": true,
"getAccessBy": "searchQuery",
"query": "name:{{$.loop.loopInput}} AND source.name:\"Active Directory ENHDEV\"",
"roles": false
},
"description": null,
"displayName": "",
"nextStep": "Manage Access",
"type": "action",
"versionNumber": 1
},
"Manage Access": {
"actionId": "sp:access:manage",
"attributes": {
"addIdentities.$": "$.loop.context",
"comments": "FORMS",
"requestType": "GRANT_ACCESS",
"requestedItems.$": "$.getAccess.accessItems"
},
"displayName": "",
"nextStep": "End Step - Success 2",
"type": "action",
"versionNumber": 1
}
}
},
"displayName": "",
"nextStep": "End Step - Success",
"type": "action",
"versionNumber": 1
}
}
},
"creator": {
"type": "IDENTITY",
"id": "2c91808a6ef6818e016f573ca2d80d64",
"name": "H581"
},
"trigger": {
"type": "EVENT",
"attributes": {
"filter.$": "$[?(@.workflowId == 'fb98ec3a-afde-4cc9-93d2-d2943b123263')]",
"id": "idn:interactive-process-launched"
}
}
}
Hope this helps
Hi everyone,
does anyone has idea about how to implement provisioning to AD group after a form is submitted for AD group membership is approved?
Thanks
Kalyan
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.