Configure Approvals and Approval Routing
- Phillip Hanegan
EmpowerID utilizes various policies to manage user requests for resource access. These policies verify if approval is necessary before the system carries out the requests and include Access Request policies, Approval Flow policies, and Notification policies. Within this structure, Access Request policies incorporate Approval Flow policies, which define who can grant or refuse access to resources. Further, Approval Flow policies can include Approval Steps, providing a sequential order of approvers. Working alongside these, Notification policies trigger approval alerts when users raise access requests.
EmpowerID comes with pre-set Access, Approval Flow, and Notification policies, creating approval tasks and notifying all involved parties via email. These cater to those with the necessary Role-Based Access Control (RBAC) delegations to approve access requests. However, for finer control, you can override this default mechanism by tailoring these policies to target specific personnel.
The topics in this section guide you through a scenario where we create policies to navigate a request for group membership. Initially, the request goes to the manager of the request initiator for approval, followed by the group's owner for final approval. In this scenario, if any of the approvers reject the request, the system denies group membership. By following the topics, you should be able to gain an understanding of the process and use that understanding to create additional approvals and approval routing for your environment as needed.