Restrict "Terminate Identity" Action to a Filtered Set of Users

Hi all,

We’ve configured a Quicklink Population with an Identity Filter Generator Rule to restrict the list of users that a specific user group can act on behalf of. This is working as expected in the Manage User Access page—only the identities that match the filter are visible and can be requested for access.

However, we’ve noticed that the same user group has access to the “Terminate Identity” operation from the Identity Operations page, and they are currently able to terminate any identity in the system.

What we want to achieve is:
Restrict the “Terminate Identity” action so that the users in this group can only terminate identities that match the same filter used in the Quicklink Population.

Try using this Identity Filter:

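import sailpoint.object.Filter;

// Department of the user performing the action
String currentUserDept = loggedInUser.getAttribute("department");
// Match only identities whose department equals that value
return Filter.eq("department", currentUserDept);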