Assigning static authorizers
To assign static authorizers to a role:
Navigate to the Role information page .
Select the Authorization tab.
Select a phase if phased authorization is enabled.
Click Select… at the bottom of the Authorizers table.
Search for, or enable the checkboxes next to the authorizers that you want to assign.
Click Select at the bottom of the page.
Note the following:
When a request is submitted to add or remove a role, the request must also be approved by each of the authorizers configured for each of the role’s required resource entitlements.
If any of the role’s required resources, such as a template or group membership request, is denied by an authorizer, the entire role is denied.
A role is only provisioned to the user when all of the required resources have been successfully provisioned.
The Denial blocks entire request flag should be unchecked for the authorizers if the role is only to be denied when optional resources are denied, otherwise the entire role could be denied if an authorizer is only intending to deny an optional resource.