Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
devel:documentation:roles:dev:universal_requests [2019/02/14 13:44] kotisovam parts moved to admin guide section |
devel:documentation:roles:dev:universal_requests [2021/03/09 11:03] husniko [Workflow process for roles] |
||
---|---|---|---|
Line 86: | Line 86: | ||
< | < | ||
- | {{: | + | {{: |
==== Workflow process for business roles ==== | ==== Workflow process for business roles ==== | ||
Line 93: | Line 93: | ||
{{: | {{: | ||
+ | |||
+ | |||
+ | ==== Configurable role guarantor type for role change request ==== | ||
+ | {{tag> | ||
+ | By default a role is approved by any guarantor defined for that role. **If you need to restrict approval to only guarantors with a specific type**, then you can use the configuration item **idm.sec.core.request.idm-role.approval.guarantee-type**, | ||
+ | |||
+ | If the value is not defined or item does **not exist**, then **all guarantors are used for approval**, regardless of what type they have defined. The described behavior is the same for guarantors defined by **identity** or **role**. | ||
+ | |||
+ | <note tip>**By default**, this configuration item (**idm.sec.core.request.idm-role.approval.guarantee-type**) is empty. This means that approval will be run with all guarantors (regardless of their type).</ | ||
===== Limitations ===== | ===== Limitations ===== | ||
<note warning> | <note warning> | ||
<note warning> | <note warning> | ||