We are using app for access requests for any application.
However, when came the need to manage differently user, admin, and other populations on AD and EntraID, we created new sources.
Let’s use the hypothesis that our access on the sources are exclusive, in the sense that an access on one source, will never be given to an account on another one. I.E. Admin access will not be given to user accounts.
The problem we have is that at the end of the day, on the employee side, the application is supposed to be the same, and they may not have the ability to differentiate all cases (user, admin, etc).
Is there a way to either use a single app with access from multiple sources, or to simulate a similar working. The goal is for the access request to select an app, then being able to select between a catalog of access from different sources, so the user does not need to know on which source the access come from.
We found an idea similar to this need: GOV-I-881
But as there is no news, I wish to know if any other alternative was found since then.
We are currently using Roles for all the automatic provisioning. However for manual one, we chose the application.
When an end user want to request an access, it is easier for him to first searcxh the application then chose the one access he needs instead of all roles on the same page.
Moreover they are more used to this as this is similar to the ServiceNow ticketing in place today.
For now the process is as follow:
User wants acces
Either request for self of manager request for him using ServiceNow
L1 team will take the ticket, and request the same access on the request center. Choosing the right AP then the corresponding access.
At the end we will solve it by directly connecting SNow to ISC, so we will not need to the application UI. But for now, it might be confusing. (different App for user and admin)