As an organization owner of an Identity Governance and Administration (IGA) enabled organization, you manage organization and service roles requests through the Governance > Requests page in Cloud Services Console.

The option to submit self-service requests is available to organization members only if this option is activated in your organization.

If request for additional roles is activated, organization members request access by... If request for additional roles is not activated...
clicking the Request Access link on a service tile in the Cloud Services catalog. the Request Access link in the service tile is not clickable.
clicking the Request Roles link on the My Account > My Roles page. the Request Roles link is not displayed on the My Account > My Roles page.

How do I activate or deactivate self-service requests

To activate or deactivate self-service requests for additional roles in your organization, do the following:
  1. Go to Governance > Requests and click Settings.
  2. Click the Request for additional roles slider to either activate or deactivate the setting.
  3. Click Save.

How do I process pending requests?

All incoming requests for organization and service role access are listed in the Pending Requests section. The Past Requests lets you view historical data for all requests created in your organization.

To approve or deny requests, select one or several entries in the Pending Requests list and click the respective button. The users requesting the role access receive an email notification when their request is approved or denied.

Can I modify access requests before I approve them?

As an organization owner, you can modify the time period for service role access requested by an organization member. You view the time period of the original request by clicking the Request ID link. To change the requested time period, click Approve, then select Approve with modification. Change the setting and submit the change you made.
Note: The Approve with modification option is available only for service role access requests and is not applicable for organization roles.

Organization owners cannot modify the service or role access originally requested by the organization member. If you want to provide guidance to the requester about the proper level of access you are willing to approve, you have the option to include a message when denying their request. The requester receives an email notification and can submit a new access request with the appropriate organization and service roles.