Pre-defined Requests
The Bravura Security Fabric pre-defined request facility provides a high degree of flexibility, allowing access change requests that involve operations on technical resources. Requesters may not understand the technical details, but can express the request in business terms. For example, users may understand they need to hire a contractor, schedule employee termination, or move an employee to a new department, but may not understand the technical requirements of adding accounts on a target system, setting an account termination date, or managing group membership.
Bravura Security Fabric allows you to configure pre-defined requests that:
Define common requests in terms that are familiar to users.
Reduce the number and complexity of steps required to make a request.
You must be a product administrator with the right to configure workflow setup to be able to configure pre-defined requests.
Information regarding the pre-defined request is defined in six tabs:
General | Contains the pre-defined request ID, description, help URL, status of the pre-defined request, where it can be accessed from, approval requirement, intended recipients, and instructions. |
Operations | Defines which operations will be performed on which resources when the pre-defined request is approved. Operations can be performed on managed groups, existing accounts, new accounts, roles, and profiles. You can also define custom operations on other objects. |
Attributes | Defines which attribute groups are included as part of the request. This can include profile and request attributes or resource attributes. |
Access control | Defines criteria by which a request is available to a user. |
Order and display | Defines sections and display of the user interface. |
Summary | Contains a summary of the pre-defined request which includes the general information and lists the operations, attribute groups and default attributes that are configured in the other tabs. |
Pre-defined request status
When creating a pre-defined request, you must set its status. For a pre-defined request to be used it must be enabled. An enabled pre-defined request can be deprecated once it is used.
Submitting pre-defined requests during a certification campaign
Reviewers’ requests to modify or revoke entitlements during a certification campaign are submitted via pre-defined requests. Administrators can add customized pre-defined requests when initiating certification campaigns.
See Certification Campaigns in online product documentation for more information.
Submitting pre-defined requests using report output
Users with the ”Manage reports” administrative right can feed the output of a report back to Bravura Security Fabric ’s workflow engine via a pre-defined request.
After running a report, users can select a pre-defined request to submit, and map report columns to profile and request attributes. The request can be submitted immediately or scheduled along with the report. Segments of the report can be submitted to pre-defined requests with iterative submissions.