New Request Center Feature "Request for my people"

Just noticed with the update today for the request center that if you are a manager you can now request for my people which shows both active AND inactive identities that report to that person. We would like to know if this is something we can turn off (avoid make me like).

Hi @ewojnar,

I don’t believe there is a fix for filtering out inactive identities while requesting for your team.

The current workaround would be to individually unselect identities while making an access request.

I would suggest creating an idea on and sharing the link in this thread for folks to vote for it.

Thank you

There’s already an idea for this and it’s one of the most popular ones.

Hi @ewojnar ,

I don’t know if it will work in the same way, but we had the same kind of problem with the “my teams” displaying inactive users.
To solve the problem we use the manager transform: If the cloudlifecyclestate of the identity is “inactive” the return is “”.
This way, all inactive users no longer have a manager and therefore don’t appear in “my Teams”.

This feature was a surprise, and is creating extra work for us.

Because there is not a way to hide terminated identities, and we are using the manager attribute them, How do I disable the ‘request for everyone’ option?

Hi @ccarlton Go to Admin/Global/System Settings/System Features.
you will find a button with the option : “Enable Request On Behalf Of”.
Here is the documentation : Enabling Requests for Others - SailPoint Identity Services

We have this option set to “Manager’s Only”. Which we want.

This allows Managers to select individual reports and request access for them.

In the past/up until recently, when selecting people, Managers were good about only selecting reports that were employed.

Unfortunately, Managers don’t realize that this new button is generating requests for terminated employees.

We need the manager attribute to be set for a period of time for downstream offboarding interactions.

Until there is a way to declare certain lifecycle states as ‘non-participants’ (report only/audit only, etc.), this ‘request for all my reports’ is doing more harm than good.

This is generating incorrect tickets / work for our downstream folks, who in some cases are not aware these people no longer work for us.

Of course, the best solution would be for SailPoint to not include inactive identities in request center. Until that is implemented, you might try clearing the manager attribute for inactive identities.

the phrasing matches well with the new capability :wink: : New Capability: Management of Inactive Identities
@ccarlton I think it will solve your issue

1 Like