New user access request

With BalkanID, any team member can request access for themselves or for others to any support application integration. Requests can be either GRANT (provisioning) or REVOKE (de-provisioning). GRANT requests can be permanent or temporary (specified by end time, when the access is automatically de-provisioned).

By default, every access request goes through a review process. Upon successful approval of the access request (by the assigned reviewer - either manager or application owner or whoever is assigned as the designated reviewer), the request shall get fulfilled immediately (either provisioned or de-provisioned, depending on whether its a GRANT or REVOKE request).

If the fulfillment option for an application integration is selected to be direct integration and auto approved provisioning, then a request GRANT shall automatically result in provisioning of the request in the respective application. Similarly, a request REVOKE shall automatically result in de-provisioning of the request in the respective application. All of these are event driven, which means the provisioning/de-provisioning act happens immediately.

Access request identical to a User (get access similar to another team member)

This will request access that is identical to a different target user.

Access request identical to a Job Title

This will request access that is identical to the access that users with the target job title have in common.

Access request identical to a Role

This will request access that is identical to the access given by the target role.

Access request identical to Custom

This allows the requester to chose the exact access changes they wish to apply to the user, including both GRANTs and REVOKEs. Both GRANTs and REVOKEs can be present in the same request.

Select the identities that should be provisioned or de-provisioned

If an identity for an employee does not exist in an application, BalkanID will automatically create a new identity, corresponding to the access request. If a selected identity is suspended, it will be re-activated and subsequently provisioned or de-provisioned with the requested changes.

Preview the request

Before you submit you're request, you will be presented with a summary of the request details as well as the requested access changes. Once you submit the request, it will be created and be ready for review.

Users, Risk managers and IT administrators can view the list of access requests they have created, along with their progress on the BalkanID dashboard.

Users, Risk managers and IT administrators can view the list of completed access requests on the BalkanID dashboard.

The full audit trail of an access request, starting from creation till the provisioning or de-provisioning is recorded within BalkanID and available to be viewed or downloaded as a report anytime, for audit purposes.

Note: You may see different completion percentages in your My Tasks tab and Access Requests tab for multi level reviews. My Tasks will reflect how much of the actions needed to be taken by you, are completed for a given access request. Whereas Access Requests shows how many total actions by all the reviewers for an Access Request are completed for a given Access Request.