I’m running into the same issue that was brought up in this thread. It does not seem that a solution was ever mentioned in that thread.
To quickly summarize: Role Requests are generating manual tasks that cannot be approved. Role Assignments using Define Assignment provision accounts as expected.
For some additional detail on my specific issue:
- These Tasks are generating across multiple Sources. Here are two sources with this issue
- Salesforce SaaS connector with no SSBPR or any other provisioning rules outside of a Create policy
- JDBC Connector with no Before Provisioning rules
The feature for my Salesforce Saas Connector is here:
"features": [
"PASSWORD",
"DIRECT_PERMISSIONS",
"AI_AGENT_AGGREGATION",
"GROUP_PROVISIONING",
"PROVISIONING",
"ENABLE",
"AUTHENTICATE",
"MANAGER_LOOKUP",
"SEARCH",
"SYNC_PROVISIONING"
],
Here is the feature string for my JDBC Connector:
"features": [
"UNLOCK",
"PROVISIONING",
"DISCOVER_SCHEMA",
"GROUP_PROVISIONING",
"DIRECT_PERMISSIONS",
"SYNC_PROVISIONING",
"ENABLE"
],
It is also worth noting that this is something that only happens when I request a role for an identity that does not already have an account on that source. If I utilize the “Define Assignment” feature, the Role will assign and an account will be provisioned as expected.
Some other potential variables here:
1 - We do have Service Now Service Catalog set up, although I do not believe that this should interfere
2 - Here is our Access Request Config
{
“approvalsMustBeExternal”: false,
“autoApprovalEnabled”: false,
“reauthorizationEnabled”: false,
“requestOnBehalfOfConfig”: {
“allowRequestOnBehalfOfAnyoneByAnyone”: true,
“allowRequestOnBehalfOfEmployeeByManager”: false
},
“approvalReminderAndEscalationConfig”: {
“daysUntilEscalation”: null,
“daysBetweenReminders”: null,
“maxReminders”: null,
“fallbackApproverRef”: null
},
“entitlementRequestConfig”: {
“allowEntitlementRequest”: false,
“requestCommentsRequired”: false,
“deniedCommentsRequired”: false,
“grantRequestApprovalSchemes”: null,
“revokeRequestApprovalSchemes”: null
},
“govGroupVisibilityEnabled”: false,
“fallbackAccessDurationInDays”: null
}
Pretty much grasping at straws here, as I can find basically no other articles or any other documentation on people who see this problem, so any help is appreciated.

