Enhancement: Application Page Conditional Display

Description

:bangbang: We’re streamlining the access request flow for customers who have chosen not to use Applications!

Until now, users at customer organizations that haven’t configured applications for access requests have seen an empty Applications tab in the Request Center, with instructions to click Access Items to view requestable items.

Now, they’ll be taken straight to the Access Items page—saving a click and reducing confusion!

Note: Any user with available access request recommendations will still see that tab as their initial view in the Request Center.

Action Required

No action is required to enable this new behavior. If no applications are configured for access requests, the Applications page will automatically be suppressed.

Important Dates - UPDATED

This is being rolled out in the next couple of weeks:

  • Sandbox: Thursday, June 5, 2025
  • Production rollout: June 19-24, 2025 (Due to a scheduling oversight, the production enablement was delayed a week from the original plan.)

:bangbang: By RSVP’ing to this event you will be reminded of this release prior.

9 Likes

Any chance this could become a configuration flag to make Access Items the default, even for those of us who do have applications configured? Sort of linked to: https://ideas.sailpoint.com/ideas/GOV-I-4279

2 Likes

Not as part of this update, but we can definitely consider that for future.

Sweet! I agree with @adunker here for ideal situation, but already very happy to see this update. Just checked and it looks great in sandbox!

This is great but i see lots of time issue while creating application , AP attached to application is sometime visible and sometimes its take lot of time and we don’t have any clue what is going behind the scene and when these AP will be visible.

Hi @jennifer_mitchell,

This was a pain until we had applications turned on in fact. I am glad to see enhancements that are so specific. Please do share what you have in store for us all next.

How does this work with the new “Recommended” tab?
Can we hide this too?

I included a note in the announcement above that for users who have recommendations, those will still show first. Not all users will always have recommendations, but when they do, they are the items our AI recommendations engine has identified as appropriate for the user based on an analysis of their access and the access of identities similar to them in various ways.

That Recommendations tab is not new - it has long been how we show access request recommendations. If it is new to you, it is likely that you have seen it before because you did not have recommendations identified for you.

1 Like

Thanks - I don’t suppose there is a way to disable recommendations?
We’re just starting out - So the recommendations are pretty bad :frowning:

Simon -
If you are in early stages of implementation and are in a data state that is not ready to have recommendations enabled, you should be able to request (through your SailPoint representative - CSM, account manager, services consultant, or if none of the above through a Support ticket) to have the recommendations product flag disabled for you. Likely you are in a suite level that includes it so it was auto-enabled for you on tenant creation.

We see the effects in our production environment correctly :slight_smile:

Unfortunately we also observe the recommended items first. It is also not clear that the recommendations are recommended by an AI, so end users might think it was personally recommended by a human like an application manager. This can trigger access request creep, adding unnecessary actions for approvers to reject, and if rejected wrongly, it can trigger privilege creep.

Knowing that we prefer to have filters in the request center such as filter on roles that relate to a specific source, I recommend SailPoint to not have a special tab for recommended access, but instead just show the access items directly, allowing people to search for roles, and apply a filter, which can include the filter “Only show recommended roles” similarly to how it can include the filter “Only show roles regarding source A” or “Only show roles with metadata B”.

Now our end users still have to click on a different tab to be able to search for roles. If they now type a query and hit search, they will get the wrong items, (only recommended roles) and they would then need to click on roles, and then they discover that the query has disappeared, requiring them to type it all over again.

You could tell them to just request the recommended roles (which can cause unnecessary work) or to just hit ignore on these recommended roles. But in the latter case this triggers an “are you sure, if you hit ignore, we won’t recommend this access item again.” message, which might deter users from hitting ignore just in case they ar e actually interested in the recommendations several months later.