Share all details related to your problem, including any error messages you may have received.
Hello ā I have a requirement, managers from a specific application has two types of account admin account and normal user account. When the managers request for an access IIQ gives an option to select which account to use. We need to make sure admin account is only used for accessing privileged access. Normal user account should not be used to request access. So can we eliminate the user selecting accounts for particular access?
The best and easiest way would be to use Role instead of Entitlement assignement - then you can control to which account you assign IT Role via accountSelector Rule
We have a feature in IdentityIQ called account selector rule.
Account selection rules can be defined on a role that can contain entitlements that can be provisioned from profiles to automate the selection of applicable accounts.
Account selector rule determines which account to assign the access.
Nope but you can use quite old engine available in iiq and for each entitlement generate role with type entitlement and then set account selector on it.