Login  
Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Contents

Approvals

Application Request Access Workflow

The Application Request Access Workflow enables users to request access to specific applications within an organization. This feature streamlines the process of managing and granting application access, ensuring security and compliance while improving user experience.


How Application Access Works

miniOrange Identity Platform Admin Handbook: How App Access Works

We can create multiple policies for an application, and a group can be configured within a policy. If a user is part of the group, then only the user can access that application. Otherwise, the user will not even see the application on their dashboard.

Reference Links for Better Understanding:

Pre-Requisites

For the application that you want to enable the App Request Access Workflow, do the following:

  • We need to update the App policies if they currently have default groups assigned. Replace those default policy groups with the specific group you want your users to belong to, and have access to that application.
    Explanation: Every user present in miniOrange is part of the default group. If this group is part of the app policy, then all users will automatically get access to that application.
  • Enable capability for end-users to request app access. [Users >> User Roles >> End User Capabilities >> Enable Allow users to request app access]
    Reference: [Configure end-user capabilities]
  • To add approvers other than the miniOrange admin, assign the additional users as admins.
    Reference: [How to add Additional Admin]
  • To allow your additional admin to add/edit the Application Access Configuration, Enable the App Access Config option under Users >> User Roles >> Edit Capabilities >> Apps and Policies.
  • To allow your additional admin to review approval requests, Enable the Manage Approvals option under Users >> User Roles >> Edit Capabilities >> Admin Approvals.

Steps to Configure the Workflow

  • Go to the Apps Section.
  • Click on the icon for the application and select App Access Configuration.
    • miniOrange Identity Platform Admin Handbook: App Access configuration

  • Add the below values:
    • miniOrange Identity Platform Admin Handbook: App Access configuration Details

    miniOrange Identity Platform Admin Handbook: App Access configuration Details

    Allow user to request for app access Set this to Yes to enable the App Request Access feature
    Send app request to → Users who can approve the request Search for the users you want to assign for reviewing the requests
    Send app request to → Group of users who can approve the request Search for the groups you want to assign for reviewing the requests
    All Approvers should approve Enable this option if you want all the approvers to approve the request. If any one of them rejects the request, it will be directly rejected
    (Note: Disabling this option allows you to add a minimum number of approvers.)
    Minimum number of approvers Minimum approval required to approve and conclude the request; otherwise, it will move from Open to In-Progress.
    (Note: If the total number of approvers equals the minimum number, then the All Approvers should approve option will automatically be enabled.)
    Expiry Time (in hours) Requests will expire after the specified time if not resolved.
    Allow time based access If selected, Time-Based Access options will be displayed on the Request App Access screen (One-Time Access and Time-Based Access). otherwise, users can submit the Request App Access without time-based access.
    Minimum number of hours to access the app (in hours) Admin can configure Minimum number of hours to keep difference between Hrs. From Date and Until Date, Default value is 3 Hrs.
    If request is approved, send email to A notification email will be sent after approval to approvers, requesters, or other organization users if selected
    If request is denied, send email to A notification email will be sent after denial to approvers, requesters, or other organization users if selected
    If request is expired, send email to A notification email will be sent after expiration to approvers, requesters, or other organization users if selected
    If request is approved, add requester to group Displays all groups assigned to the application via app policies. Select the group to which the user will be assigned upon approval
  • Save the settings.

Flow to Raise a Request

This will be released soon

  • Login to the End-User Dashboard.
  • Click on Request App Access.
    • miniOrange Identity Platform Admin Handbook: Request App Access

  • A modal will open.
  • Inside the modal, click on the Apps section and select the Request App Access button against the desired app.
    • miniOrange Identity Platform Admin Handbook: Request App Access Popup

  • Time based access - True.
  • User can Select the Time based option (One time access or Time Based Access), select Access Days to Limit/Time based access and a message if required (Optional).
    • miniOrange Identity Platform Admin Handbook: Time Based Access- true

  • Time based access - False .
  • A message box will open where users can provide an optional message before raising the request.
    • miniOrange Identity Platform Admin Handbook: Request Message Box

  • Click on Send Request to proceed.

Viewing Requests

  • Pending Tab: Displays requests that are open or in progress. Users can also delete requests from this page.
  • History Tab: Displays the status of requests that are concluded.

Approval Workflow

  • After a request is raised, all the approvers for that particular application will receive an email.
  • The email will include a link redirecting to the approvals page (Automations >> Approvals).
    • miniOrange Identity Platform Admin Handbook: Approval Request Email

    miniOrange Identity Platform Admin Handbook: App Approvals

  • On the Approvals Page, you will see two tabs:
    • Pending Tab: Displays requests awaiting your approval.
    • History Tab: Displays requests that are resolved by you or concluded and Approved requests can be Revoke if the user does not require further access.
  • Each request has a Details button showing:
    • Who else has resolved the request.
    • The number of required approvals.
    • Approvals that have been completed so far.
  • After resolving the request, notification emails will be sent based on the configuration done earlier.

Administrators can

  • Grant time-bound application access and without time-bound application access.
  • Allow one-time access requests.
  • Manually revoke the access.
  • Automatically revoke access after expiration.

Email Templates

  • Request Access Mail Template
    • Sent when a user raises a request for app access.
    • This template is editable via: Customization >> SMS and Email Templates >> Request Access Mail Template.
  • Request Resolved Mail Template
    • Sent when a request is resolved by an approver.
    • This template is editable via: Customization >> SMS and Email Templates >> Request Resolved Mail Template.