I have some critical accesses where access must be granted upon user acceptance in a form. I thought about using Sailpoint forms so that the user receives access only after accepting the terms contained in the form. Is it possible to do this type of automation?
I haven’t found a way to integrate this form into the request flow.
We utilize an approval step to handle responses from the end user. We setup a “Service Identity” called something like “Response_Required”.
We then have a few workflows to handle sending the initial form, sending nag emails to the person to complete the form, and another to approve based on the form being submitted.
Hello
Is it also possible to stop an automatic assignemend of a role this way?
We have certain roles that get automatically assigned for granting access to some of our company systems. Those systems do sometimes need a check on the available licenses. We do with a provisioning completed trigger but stopping the automatic assignment would make sure the user never gets access before we extended the licenses.
Sure, when you use the ETS “Access Request Submitted” you need to callback the ETS because this is a ‘REQUEST_RESPONSE’ trigger type. In your case, the Event Trigger should be configured as ‘ASYNC’, so the trigger service will provide a URL and a secret that the custom application (your workflow) can use to complete the invocation at a later time. In this way, your Access Request will only go ahead after all steps on your workflow passed and the callback to your ETS is called.
This callback needs to be called in a HTTP Request action, in the end of you workflow.
Some useful links to help you: Access Request Submitted Trigger Responding Event Triggers
Can you please mark my answer as solution? Hope it helps