Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Approval workflow process

Go to solution
Former Member

on ‎2009 Feb 04 5:40 AM

0 Likes
456

Hi,

I have one doubt regarding approval process, I created an approval process for new user. But before the approver approves the request the new user is able to login to the workflow.

I believe the process should be like, only after the approver approves the new user should be able to login. Is my understanding right?

Or is it like in the approval decline task I need to define the deprovision process? If so Is there any option not to create a user in identity store until it is approved.

Regards,

Pricy

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎2009 Feb 04 6:02 AM
0 Likes

Hi Pricy,

The new user is able to login, due to the existence of password (MX_PASSWORD) before the approval task.

So, don't use MX_PASSWORD in your pass where identity entry stores in "Identity Store".

Create a pass in a job under your approval task (under Approve) that can be used to store password in MX_PASSWORD.

Means the password will be available only when approver approves, then only new user can login.

hope this helps you.

regards

Anand.M

Show replies
Show replies
Former Member
‎2009 Feb 04 6:09 AM
0 Likes

Hi Anand,

As when adding user only with some base data it would be fine if we dont specify the password attribute, but if while adding a new user with provisioning details will it provision to the respective systems before it is approved?

Regards,

Pricy

Former Member
‎2009 Feb 04 6:16 AM
0 Likes

Hi Pricy,

Question is not clear to me. Still try to answer.

MX_PASSWORD for workflow login

MX_ENCRYPTED_PASSWORD for provisiong

so you configure a job after approval task with 2 passes

1 pass which stores password (MX_PASSWORD) and (MX_ENCRYPTED_PASSWORD)

2 pass for provisioning using MX_ENCRYPTED_PASSWORD

MX_PASSWORD need not be used only when u create a new user.

regards

Anand.M

Former Member
‎2009 Feb 04 6:33 AM
0 Likes

Hi Anand,

my question is :

If i have defined an approval task for adding a role or privelege to the user.

(As of now when i submit a new user request (before approval) the user gets created in IS.) will the provisioning of privelges to the user will happen as soon as he submits the request? or will it happen only after approval.

I think my question will be clear now . Assume the user entry is already in IS with encrypted password.

So when a user request for a privelege will that be provisioned as soon as he submits or will it provision only when the approver approves?

Regards,

Pricy

Former Member
‎2009 Feb 04 7:47 AM
0 Likes

Hi Pricy,

Clear Now!!

*Request Role* (Approval Task) (Access Control - All Employees)

- Approve (Access Control - Approver)

-- Provision User (Action Task)

--- Job

- Decline

-- Nothing

1) So first end user access Request Role Task (provisioning will not happen)

2) Next step goes to approver

3) if Approver Approve approves then Provision User Task triggers

4) if Approver Decline declines then Nothing

Finally means Provision User triggers only when the "Request Role" task is approved

regards

Anand.M

Former Member
‎2009 Feb 04 8:05 AM
0 Likes

Hi Anand,

My doubt is cleared. Thank You.

Regards,

Pricy

Answers (0)

Ask a Question