Approval process

IdentityIQ (IIQ) IIQ Discussion and Questions
1

Developer,

I have a requirement where few select entitlements (AD groups) need to go with the separate approval process.
the approval should be done by the user’s manager and user’s director only for those 5-6 groups.

and this should not affect the current approval flow, which is manage and sr. manager for the end user request for any access request in the sailpoint iiq.

kindly guide me how I can take a approach on this matter.

Thanks in advance.
Riyazuddin

2

Hi @Riyazuddin99 ,

you can use Approval Assignment rule to have additional approvals for certain entitlements in Approve and Provision Subprocess in LCM Provisioning .

you can refer to this

https://community.sailpoint.com/t5/IdentityIQ-Forum/Two-step-approval-using-Approval-Assignment-Rule/m-p/33734#M32602

3

@Chathurya ,

Thanks for your response,
I recently got a update on the requirement, to have the approval still manager,

likely user’s manager , sr. manager , etc etc still director.
in this case same approach will be used??

also if you have any rule for the same that will be helpful.

Thank
Riyazuddin

4

Hi @Riyazuddin99 ,

  1. In the approval assignment rule , you will get the list of approvals(as per the approvalscheme) as input and expects the list of approvals as output.Considers the owners in the new approval list for approvals.
  2. you can iterate over the approvals , and check if any of the approval has an approvalItem which requires additional approval as per you requirement.Create a approval object and set the owner ( the additional owner) as per the approval items.
  3. And the created approval object to the list of approvals
  4. Return the new approvals list