While provisioning processes can be triggered through the automated user lifecycle management functionality, OpenIAM also provides a self-service portal through which end-users can request access. This request/access functionality is provided through a shopping cart + service catalog design.
- Applications and application specific entitlements such as membership to an Active Directory group or a role on AWS
- Profile Role – Role defined for a job/position which grants access to a number of applications which are needed for a particular job
The access request/approval workflows support:
- Multiple approvers – You can define as many approval steps as you need and you can select common targets such as a supervisor, object owner or admin, and group of approvers
- Service Level Agreements (SLA) to ensure that tasks are completed in a timely manner so if they are not, they can be escalated to the appropriate person
The access request approval functionality also supports “delegated approval” and “out of office” functionality.
Posts read more