How to Prevent Role Requests for Already Detected Roles in Self-Service (IIQ 8.3)

Hey there Sailors,

I’m facing an issue when trying to block (or inform to the user) role requests from the self-service portal if the user already has the role detected.

This is a project requirement, as they don’t want users to be able to request roles that have already been detected. I would like to apply this logic in the self-service portal so that, if a user attempts to request a role they already have, the system either blocks the request or informs the user—possibly with a popup or another type of notification.

I have been reading different entries in the Developer portal, but I am still unsure how to implement this solution. Marking roles as “not requestable” is not an option, as users should still be able to request them if they don’t already have them detected.

The solution needs to be implemented in IIQ 8.3.

Has anyone faced a similar challenge? Any guidance or suggestions on how to achieve this would be greatly appreciated!

Thanks in advance!

Hi @victorsantos2,

you can use a identity Selector rule on quicklink population. On this rule you must crate a filter where you return only the roles there are no present on requestee identity. For example you can apply this rule on everyone quicklink population on roles selector.

Also, to be sure at 100% you can use before provisioning rule too. In this rule, you can delete from the plan every role already present on the identity. This is optionally, only to have one more control.