Hello,
I have this requirement:
I have a workflow with an approval step. I’m using the Action Form Approve but I don’t know how to set multiple recipients.
We will receive the list of recipients by calling an external API but I don’t know how set these users to the approval step.
All the users must approve in parallel and not serially. The first user that approve will move the request forward in the workflow.
Could you help me ?
Thanks
1.variable : u need to give $approvesrlist
2.from approval step give :recipients = approverslist and approvaltype = any
Hi Francesco,
Currently, it is not possible to instantiate a form for a governance group. When instantiating a form, you must indicate an identity in the recipient field.
That said, I see that there is an idea posted on our ideas portal, where you can vote: Forms to be sent to a Governance Group
You can also define a governance group directly in your access profile/role in the approvers list.
But it’s possible to instantiate a form to a list of users ?
For example I have 3 approvers that must open the form to approve. This is possible ?
This is not possible .
form instance can be assigned to the single identity . I was having the same issue and then i opened ticket with sailpoint and they confirmed and planning to implement in future release.
No, it is not possible. Like I said you can only instantiate for one identity.
Ok, is not possible send a Form to multiple users but it’s possible to send an approval to multiple users (that are not static governance group) ?
For example:
I request the group AD → testGroup1
This request must be approved by 2 person that are dynamic (for example they are the responsables of my company).
I cannot create a governance group for every company because we have more than 10.000 companies.
How can I do this ?
Thanks
These approvals should be dynamically added based on what? You need to define this dynamic approver, but you can use the ETS Access Request Dynamic Approver to add approvers depending on certain logic. But even with this solution you need to stablish some logic in a workflow to dynamically send this new level of approval in your access request. This links should be useful for you:
ETS Access Request Dynamical Approver
Yes Maria,
I saw the Access Request Dynamic Approval document.
The problem is that this Dynamic Approval return only ONE approver.
“The Access Request Dynamic Approval event trigger provides a way to route a request to an additional approval step by an identity or a governance group”
The problem is that an identity is singolar.
But in my case I have for example 2 approvers.
Extreme scenario:
Image an identity with these attributes:
name
surname
mail
genericUidApprover1
genericUidApprover2
When this user request the group AD → testGroup1
this must be approved by genericUidApprover1 OR genericUidApprover2.
This in parallel and not in series. The first user that approve will move the request forward.
I cannot create a governance group with genericUidApprover1 + genericUidApprover2 because these users are different for every identity in sailpoint.
Thanks
