If we are making a role and adding 3 entilements and only one should get approved and rest 2 entilements should be on hold and should not be provision is that can be unless and untill the first entilemment is approved can we achive this in ISC

if we are making a role and adding 3 entilements and only one should get approved and rest 2 entilements should be on hold and should not be provision is that can be unless and untill the first entilemment is approved can we achive this in ISC??

1. create Role A, Role B.
2. RoleA gets approved.
3. Based on Role A’s ent contents create Id attribute saying true/false.
4. In Role B, add a criteria if True from id attribute.
5. Role B will be auto assigned to user.

This could be a preferred approach

Another option would be:

Create an Access Profile A

• It contains Entitlement 1
• Have it require approval(s)

Create Role A (Auto-Assign):

• Assignment Criteria would include: Entitlement EQUALS Entitlement 1.
• Access: Contains Access Profile B (which holds Entitlements 2 & 3).

Hi @Rakesh_Singh_1234

You could also have a workflow based on trigger Access Request Decision. Here you could check if the user is assigned with your entitlement and this request was approved, then add this assignment and similarly when the revocation.

The same workflow could also work if you have approval flow for revocation also setup but if it is not there, then you can setup another workflow which can be based on access request submitted, here you can check if the request is for revoke access and is for your role, if both conditions matches, then you can proceed with the removing the additional access.

I hope this helps.

Regards
Vikas.