I also take exception to the inclusion of this auto-reject rule
If I am an application owner and a user contacts me directly about getting access, I should be able to submit a request on their behalf and be able to approve it as the access owner.
I don’t understand why this would be an issue.
I am not attempting to approve my own access. “Requestor” is not the same person as Requested For, so there is no conflict.
Requestor is not even a ServiceNow field. The script include SP_SPNT_SNOW_INT_WORKFLOW_MLAUtils is referencing opened_by
This should be removed or at least made optional through a system property flag. What’s funny is that is an option depending on what type of approval rule you have chosen.
You cannot bypass the opened_by being the same as the returned approver for these approval rule types
- ServiceNow Group
- ServiceNow Script
- IdentityNow Governance Group
But you can if you use one of these approval rule types
- ServiceNow User
- IdentityNow Owner
- IdentityNow Manager
You have the ability to allow the person who opens the request to still be an approver by checking true for the system property x_sap_intidn.self_approval_auto_approve.
The latter types of approval rules call a different validation function. Why is there a difference in how they’re evaluated?
