When a manager certification is created, does anything associated with the Birthright role—such as access profiles or entitlements—fall under the certification process? Specifically, do these need to be approved or revoked, or will simply acknowledged the role without requiring action as they are associated with the role?
Hi Varsha,
Access granted through Birth right roles will fall under the certification process. However, you can only acknowledge it and NOT take any decision on the said access.
FYI
Roles assigned to users through automated assignment criteria can only be acknowledged since the role model controls the role assignment.
Hi Zeel,
Thank you for your reply!
I’d like to explain the process we’re currently following in our organization. We do not utilize request-based provisioning; instead, we focus on onboarding applications that are (disconnected applications)
Once onboarding is complete, we create access profiles for the specific application and attach these profiles to the associated birthright roles.
My main question is: when the certification is generated, we do not want to certify these access profiles. Our intention is to simply acknowledge the roles since the access profiles are part of the birthright. However, I noticed that when I created the certification, the access profiles were still coming up for review.
What are your thoughts on this? I appreciate your insights!
I tried this scenario and I observed that access profiles which are assigned by the role (assigned by assignment criteria) are not present in campaign. Also if the role is added to the campaign, reviewer can only acknowledge it.
In your case I was not use if the role is attached before you add the access profile or after. Also do you have assignment criteria ? assuming this as you do not use access request.
Can you try to create a new role once you create access profiles and check if you are still seeing access profiles in campaing.