Can permissions be revoked directly without the need for user consent in the authorization process?

Identity Security Cloud (ISC) ISC Discussion and Questions
, ,
1

Continuing the discussion from When inactive, remove entitlements or access profile:

:bangbang: Please be sure you’ve read the docs and API specs before asking for help. Also, please be sure you’ve searched the forum for your answer before you create a new topic.

I’ve been utilizing a workflow for automatic permission revocation through HTTP communication. When there are changes in user information, I initiate the revocation process via the ‘revoke’ endpoint and send an approval request.

Is it feasible to revoke permissions without necessitating explicit approval? Can permissions be revoked directly without the need for user consent in the authorization process?

2

Hi @sec_tech,

Yes, you can revoke the access without necessitation approval.

  1. If Approval for Revoke is not set, then no approval workflow will be triggered and access will be revoked automatically.
  2. If Approval for Revoke is set, then you could use list-pending-approvals | SailPoint Developer Community to list the approvals and use approve-access-request | SailPoint Developer Community to approve the request through API only.
1 Like
3

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.