Users can request access to company resources using self-service registration
Self-service registration
Delegated administrators can now set up an Oracle Life Sciences IAMS role so that when an unauthorized user attempts to access the resource associated with the role, the user is redirected to an authorization request page. On this page, the user can enter a justification and submit a request for access. This feature, called self-service registration, is inactive by default.
To manage self-service registration, a new button has been added to the top of the role page in the Oracle Life Sciences IAMS Identity Self Service console: Select Authz Error Page. The button opens a dialog box where you can select the option Authz Request Page to show the authorization request page to unauthorized users.
Approval workflow
Delegated administrators can opt to enable an approval workflow for those roles where self-service registration is active. When activated, access requests submitted by users must be approved to grant the role to the user. This feature is inactive by default.
If approval is inactive but self-service registration is active, when a user submits an access request, it is automatically approved and the user can access the resource.
When activating the approval workflow, you can choose whether Oracle Life Sciences IAMS should send email notifications to the requesting user on the status of their access request.
To manage the approval workflow, a new button is added to the top of the role page in the Oracle Life Sciences IAMS Identity Self Service console: Enable/Disable Approval. The button opens a dialog box where you can select to enable the approval workflow with or without target user notification. When the approval workflow is active, this dialog box shows a link to deactivate the approval workflow.
Approver role
A new role, Approver, is required if you activate the approval workflow. This role allows users to process access requests received through self-service registration. Users with this role can view, approve, or reject access requests by accessing Pending Approvals under the Requests menu in the Oracle Life Sciences IAMS Identity Self Service console.
To create this role for your organization, submit a request to Oracle Support. When the role is available, assign it to a user who will be responsible for approving or rejecting access requests.
Note:
User accounts that have the Approver role cannot process their own access requests.Parent topic: Enhancements in release 1.4