As an Organization Owner user of an Identity Governance and Administration (IGA) activated Organization, you manage Organization and service roles requests through the Governance > Requests page in Tanzu Platform cloud services console.
The option to submit self-service requests is available to Organization Member users only if this option is activated in your Organization.
If request for additional roles is activated, Organization Member users request access by… | If request for additional roles is not activated… |
---|---|
clicking the Request Access link on a service tile in the cloud services catalog. | the Request Access link in the service tile is not clickable. |
clicking the Request Roles link on the My Account > My Roles page. | the Request Roles link is not displayed on the My Account > My Roles page. |
To activate or deactivate self-service requests for additional roles in your Organization, do the following:
All incoming requests for Organization and service role access are listed in the Pending Requests section. The Past Requests lets you view historical data for all requests created in your Organization.
To approve or deny requests, select one or several entries in the Pending Requests list and click the respective button. The users requesting the role access receive an email notification when their request is approved or denied.
As an Organization Owner, you can modify the time period for service role access requested by an Organization Member. You view the time period of the original request by clicking the Request ID link. To change the requested time period, click Approve, then select Approve with modification. Change the setting and submit the change you made.
NoteThe Approve with modification option is available only for service role access requests and is not applicable for Organization roles.
Organization Owners cannot modify the service or role access originally requested by the Organization Member. If you want to provide guidance to the requester about the proper level of access you are willing to approve, you have the option to include a message when denying their request. The requester receives an email notification and can submit a new access request with the appropriate Organization and service roles.
Parent topic:What is Identity Governance and Administration and how does it work with Tanzu Platform cloud services