Hi everyone,
I’m working on a somewhat unusual use case in IdentityNow and I’d love to hear your thoughts or suggestions.
We’re trying to configure an Access Profile, Role, or Entitlement that is requestable without an approval workflow, but under certain conditions, we want the assignment to fail intentionally and trigger a workflow that prevents the completion of the provisioning.
The idea is:
- A user (or someone on their behalf) requests access via Request Center.
- The request is automatically approved (no approval workflow).
- During provisioning, a condition is evaluated (e.g., based on identity attributes or external data).
- If the condition fails, the assignment should be blocked, and a custom workflow should be triggered to handle the failure (e.g., notify, log, escalate, etc.).
I know this is a bit of a reverse logic scenario, but it’s needed for a specific business requirement.
Has anyone implemented something similar or knows if this is feasible within IdentityNow’s workflow and provisioning framework?
Thanks in advance for your support.
Looking forward to receiving your feedback about this.
Kind regards,
Paolo