Defining access controls
You can use user classes to create controls determining which users can access a pre-defined request.
To add access controls:
Navigate to the page.
Select the Access control tab.
Click Select… to select existing classes, or Add new... to create a new class.
Configure Participant mapping for each user class you add (where applicable).
Select and create user classes until you have defined control filters.
If your criteria includes multiple user classes, define whether users are required to match All of the user classes or Any of the user classes .
When the Intended recipients is set to anything other than ”Existing users” and/or ”New users”, only single-participant user classes will be available, and mapping will not be required.
Access controls do not apply to certification remediation. If the certification initiator allows it, all reviewers will be able to submit that pre-defined request for remediation.
Example
To define access control in a way that allows a manager to update the profile of his subordinate:
Select the default ”MANAGER INDIRECT” user class
Configure the participant mapping as follows:
MANAGER
REQUESTER
SUBORDINATE
RECIPIENT
Next:
Configure the request wizard.