Mandatory Expiration Dates for Access Requests in ISC with Workflows

Nice workaround… though really IdentityNow should support this natively, but there’s already an Idea about it.

However, the hardcoded list of profiles will not scale well at all, and will be cumbersome to maintain. Would it be possible to have it trigger only for profiles with a certain metadata tag (e.g. “MaxDuration24h”), rather than a hardcoded list?

Also, I assume the request gets Rejected because there’s no way to a posteriori change the expiration date? I think there were recent changes around how requests and expiration dates are handled, perhaps allowing one to send a request with an expiration date for a profile one already possesses, but I haven’t looked at it in depth.
edit: there is the article

Adding an expiration date (or shortening the validity period) can even be done via a Revocation request.