Following up on this, I was just playing around the “Role Discovery” and I created my first role. As “expected” after the introduction of this change, all access profiles generated by Role Discovery are now requestable!
If we’re building roles based on tailored searches, why would I want to have all those generated access profiles requestable in the first place?
If I didn’t follow this thread, I wouldn’t have known/imagined the generated access profiles were going to be available for my end-users in the Request Center, and it doesn’t make sense the extra step to make them non-requestable, either via the UI or API calls.
This was a long thread, so maybe I just missed the reason of these changes, @SarahKhan could you please explain to me why the new Request Center needs access profiles made requestable by default?
Also, given all the arguments provided regarding security and extra work thrown on customers that need to enforce strict approval processes to meet compliance, are you and your team reconsidering this?
I’ve seen other PMs opening enhancement projects to apply feedback provided by the community, is SailPoint planning to do this any time soon?
Thanks!