Sure. Here is what I would include in the support ticket:
Observation
When implementing the Access Request Preapproval trigger, I noticed that access requests that should have failed due to an SOD policy no longer fail, and they continue to be processed by the preapproval trigger and ultimately approved.
Expected outcome
The SOD policy should be evaluated first for any access requests. If the SOD policy fails, the access request should fail. If the SOD policy succeeds, then the preapproval trigger should send the event to the subscriber for further processing.
Actual outcome
An access request is submitted that would fail the SOD policy if the event trigger wasn’t enabled, but since the trigger is enabled it passes the SOD policy and continues to fire the event.
How to reproduce
Please include your steps to reproduce, including screenshots of the SOD policy, the access item that should fail, and the results of the access request in request center.