Request for Others - Manager Info

ffalcitelli · March 18, 2025, 9:29am

Hello,
I have a question about the request for other section.
By documentation we have only 2 possibilities:

All the users can request for others (visibility scope is not available)
Only manager can see the section “Request for Others”

Actually we use the second option.

My questions is?

It is enough to be the manager of any Identity on Sailpoint to see the section “Request for Others”?

My client would like that all the internal users can see “Request for Others” section. But not all the internal users are managers.
To enable this section to a non-manager user do I need to create a “dummy” identity e set in the manager field my non-manager user ?

The other requirement is that all the consultants can request access for other consultant of the same company. Is this possible only via a custom form ?

Thanks

Chaithu9110 · March 18, 2025, 9:56am

Assign the Role to Users:

Assign this role to users who should have access, such as non-managers. This can be done through Identity Attributes like department, title, or custom fields.

ffalcitelli · March 18, 2025, 9:58am

What role ?
Manager is a role ?

Chaithu9110 · March 18, 2025, 10:01am

SailPoint IdentityNow, roles are collections of permissions and entitlements that define what users can access and what actions they can perform. Roles can be assigned to users to grant them specific access rights to systems, applications, and resources.

Chaithu9110 · March 18, 2025, 10:02am

In many organizations, a Manager is often defined as a role that has specific responsibilities, including the ability to oversee and manage the access requests for their direct reports.

ffalcitelli · March 18, 2025, 11:08am

Ok, but I would to know what unlock the section “Request for Others”. It is enough to be the manager of any Identity on Sailpoint to see the section “Request for Others”?
You speak about “Role”: It is possible to assign a specifi Role to the user to unlock to section “Request for Others” ?

What is the definition of “Manager” in Sailpoint?

Chaithu9110 · March 18, 2025, 1:31pm

Admin > Global > System Settings

Tulasi · March 18, 2025, 1:46pm

If U configure like this then it will solve your problem I hope ,then any user in the ISC will be able to request access on behalf of anyone

KRM7 · March 18, 2025, 1:52pm

Hi Francesco,

When you access Request Center, you see below options.

If you are a manager for at least one Identity, you will see Request for your team.

Request for others, by default anyone can request on behalf of others which you can see in Global → System Settings → System Features

ffalcitelli · March 18, 2025, 3:42pm

I know that there are 2 options.

All the users can request for others (visibility scope is not available)
Only manager can see the section “Request for Others”

Actually we must use the second option because the client does not want this option for all.

But my question is if is possible to unlock this section “Request for Others” also for employees that are not manager in some way.
To enable this section to a non-manager employee do I need to create a “dummy” identity e set in the manager field my non-manager user ?

Thanks

KRM7 · March 18, 2025, 4:46pm

Yes, that would work

Carlatto · March 19, 2025, 1:00am

No this will not work. When using the Managers Only feature, the Managers’ are only able to Request On Behalf of their direct reports.

Unfortunately there isn’t another way to filter who has this option.

ffalcitelli · March 26, 2025, 2:59pm

I have this settings:

I created a non-employee: ros.dallara
I created another non-employee: ver.chiari
This second users has manager ros.dallara

If I try to login in Sailpoint as ros.dallara I see the 3 possibilities:

When I click “Request for your Team” I can only manage ver.chiari (and this is correct).
When I click “Request for Others” I see only ver.chiari:

I don’t understand how works !
So is present in Sailpoint a visibility logic in this menù ?! How works ?

Because my client wants that:

Employees can request for all the Identities in Sailpoint
Suppliers can request only for users of type Supplier with the same company and the MUST not see all the Employees in Sailpoint

Thanks

KRM7 · March 26, 2025, 3:43pm

By default, Request for your team shows identities reporting to you. There is no change in that.

Request for others, if you select only for managers in System features then only managers can request for others that too for reportees only.

ffalcitelli · March 26, 2025, 4:18pm

In this way I don’t understand the usefulness of the “request for others” !
The 2 sections “Request for your team” and “Request for others” are the same and do the same thing.
Why Sailpoint shows “request for others” when I enable the option “Manager Only” in the settings System Features ? The functionality is the same of “Request for your team”.
I think that, if the product works as you write, the section “request for others” should appers only when I enable “Everyone” in the settings System Features.

KRM7 · March 26, 2025, 4:29pm

I get that, but why do managers request for others who are not reporting to him/her.

I wish that Request for others option disappear if you select managers only in System Feaures.

If you click on Request for your team, for all reportees you are requesting access. If not for all the reportees, then choose the reportees from Request for others.

Carlatto · March 26, 2025, 4:30pm

“Request for team” will request the access for every Identity that reports to the manager making the request. So if you have 4 people in your team, all 4 people should be added to the request.

“Request for others” allows you to choose which of the people on your team get should be added to the access request.

system · May 25, 2025, 4:30pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.