+1 978 658 9387    Login  
Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Contents

Approvals

Application Request Access Workflow

The Application Request Access Workflow enables users to request access to specific applications within an organization. This feature streamlines the process of managing and granting application access, ensuring security and compliance while improving user experience.


How Application Access Works

miniOrange Identity Platform Admin Handbook: How App Access Works

We can create multiple policies for an application, and a group can be configured within a policy. If a user is part of the group, then only the user can access that application. Otherwise, the user will not even see the application on their dashboard.

Reference Links for Better Understanding:


Pre-Requisites

For the application that you want to enable the App Request Access Workflow, do the following:

  • We need to update the App policies if they currently have default groups assigned. Replace those default policy groups with the specific group you want your users to belong to, and have access to that application.
    Explanation: Every user present in miniOrange is part of the default group. If this group is part of the app policy, then all users will automatically get access to that application.
  • Enable capability for end-users to request app access. [Users >> User Roles >> End User Capabilities >> Enable Allow users to request app access]
    Reference: [Configure end-user capabilities]
  • To add approvers other than the miniOrange admin, assign the additional users as admins.
    Reference: [How to add Additional Admin]
  • To allow your additional admin to add/edit the Application Access Configuration, Enable the App Access Config option under Users >> User Roles >> Edit Capabilities >> Apps and Policies.
  • To allow your additional admin to review approval requests, Enable the Manage Approvals option under Users >> User Roles >> Edit Capabilities >> Admin Approvals.

Steps to Configure the Workflow

  • Go to the Apps Section.
  • Click on the icon for the application and select App Access Configuration.
    • miniOrange Identity Platform Admin Handbook: App Access configuration

  • Add the below values:
    • miniOrange Identity Platform Admin Handbook: App Access configuration

    miniOrange Identity Platform Admin Handbook: App Access configuration

    Allow user to request for app access Set this to Yes to enable the App Request Access feature
    Send app request to → Users who can approve the request Search for the users you want to assign for reviewing the requests
    Send app request to → Group of users who can approve the request Search for the groups you want to assign for reviewing the requests
    All Approvers should approve Enable this option if you want all the approvers to approve the request. If any one of them rejects the request, it will be directly rejected
    (Note: Disabling this option allows you to add a minimum number of approvers.)
    Minimum number of approvers If the specified number of approvers approve a request, it will be approved regardless of rejections.
    (Note: If the total number of approvers equals the minimum number, then the All Approvers should approve option will automatically be enabled.)
    Expiry Time (in hours) Requests will expire after the specified time if not resolved.
    If request is approved, send email to A notification email will be sent after approval to approvers, requesters, or other organization users if selected
    If request is denied, send email to A notification email will be sent after denial to approvers, requesters, or other organization users if selected
    If request is expired, send email to A notification email will be sent after expiration to approvers, requesters, or other organization users if selected
    If request is approved, add requester to group Displays all groups assigned to the application via app policies. Select the group to which the user will be assigned upon approval
  • Save the settings.

Flow to Raise a Request

  • Login to the End-User Dashboard.
  • Click on Request App Access.
    • miniOrange Identity Platform Admin Handbook: Request App Access

  • A modal will open.
  • Inside the modal, click on the Apps section and select the Request App Access button against the desired app.
    • miniOrange Identity Platform Admin Handbook: Request App Access

  • A message box will open where users can provide an optional message before raising the request.
  • Click on Send Request to proceed.

Viewing Requests

  • Pending Tab: Displays requests that are open or in progress. Users can also delete requests from this page.
  • History Tab: Displays the status of requests that are concluded.

Approval Workflow

  • After a request is raised, all the approvers for that particular application will receive an email.
  • The email will include a link redirecting to the approvals page (Workflow >> Approvals).
    • miniOrange Identity Platform Admin Handbook: Request App Access

  • On the Approvals Page, you will see two tabs:
    • Pending Tab: Displays requests awaiting your approval.
    • History Tab: Displays requests that are resolved by you or concluded.
  • Each request has a Details button showing:
    • Who else has resolved the request.
    • The number of required approvals.
    • Approvals that have been completed so far.
  • After resolving the request, notification emails will be sent based on the configuration done earlier.

Email Templates

  • Request Access Mail Template
    • Sent when a user raises a request for app access.
    • This template is editable via: Customization → SMS and Email Templates → Request Access Mail Template.
  • Request Resolved Mail Template
    • Sent when a request is resolved by an approver.
    • This template is editable via: Customization → SMS and Email Templates → Request Resolved Mail Template.