We are using SailPoint - ServiceNow Service Catalog integration to raise access requests. If end users are raising a request for multiple roles or access profiles, approvers are getting multiple approval items instead of one approval items having all the role or access profiles information. Also, it triggers multiple emails from SailPoint to the approvers.
Can we combine all role information in single approval items for approvers with a single email?
The way the ServiceNow catalog integration works is to create a separate RITM for each access item (role, accessprofile, entitlement) requested, meaning each one is sent separately to ISC as an access request. Even if they were bundled together in a single API call, I’m fairly certain each access item would present itself as a separate approval in ISC.
Granted, I don’t know everything, but if someone were to present this to me as an absolute requirement that had to be implemented, I would do the following
Create my own catalog item in ServiceNow for submitting access requests
In that catalog item workflow, ensure you are grouping access items together by owner and only generate new RITMs if the requested access items have different owners
Handle the access item approvals on the ServiceNow side, then send over to ISC once approved (where approvals are turned off)
Thanks for detailed explanation. Just curious to know, I tried to submit access request via API for a single user with multiple access items, even though approvers are same it’s creating multiple approval items. In addition to this, it creates multiple ServiceDesk tickets for individual access items, is it a valid behaviour?
I believe so, yes. There is no configuration option to bundle access items together with the same approver in ISC to my knowledge, but you can do it in ServiceNow with some custom development
.