# Creating campaigns
## Create a new campaign:
1. Navigate to the Campaigns page from the navigation sidebar.
2. Click on the "*Create new campaign"* button.
3. You will see a screen as shown in the below image. Configure your campaign according to your requirements on the right sidebar. Remember to enter the necessary components - *Campaign name*, *start date* and *end date*. Refer to the sub-section [below](#filter-criteria) to understand the filtering criterias for creating a campaign.
Additionally, you can setup [recurring campaigns ](/user-access-reviews/access-review-management/configuring-access-reviews-and-campaigns/creating-recurring-campaigns.md)and [campaign escalations](/user-access-reviews/access-review-management/configuring-access-reviews-and-campaigns/configuring-campaign-escalation.md) as well while creating a campaign.
{% hint style="info" %}
You can optionally attach an [**Attestation Set**](/user-access-reviews/access-review-management/configuring-access-reviews-and-campaigns/attestation-sets.md) to the campaign. Reviewers must answer those questions before they can approve or deny access.
{% endhint %}
4. Once you have configured your campaign, you can either *Save campaign as a draft* to publish later **OR** you can *Publish campaign*. The description for both the operations are given below:
* **Saving Campaign as a draft**\
BalkanID allows risk managers to create a campaign and save it to be published later. Select “*Save as a draft*” and your progress will be saved, and you can access the campaign later.
* **Publishing a campaign**\
When a campaign is ready to be kicked off, you can "publish" the campaign. This will create access reviews and assign them to the appropriate reviewers in your organization along with sending the appropriate notifications (new reviews, overdue reviews, etc.)
A dialog box will appear as shown in the below image, asking you to confirm publishing the campaign. This dialog box will also warn you if any integrations used in the campaign are out-of-sync, indicating that the data you are basing the campaign on might not be up to date.
If there are no out-of-sync integrations, you will see a plain dialog box.
{% hint style="info" %}
**Note:** Reviews for a campaign will only get created once the start date is past. If you have a campaign with a start date in the future, the notifications for the reviews will only be sent out past the start date.
{% endhint %}
### **Publish draft campaigns**
Once your campaign is set up and ready, the **Publish** action makes it **active and initiates the access review process**. This means reviewers will begin receiving notifications and can start working on their assigned reviews. You can easily track the publishing status through a notification that appears (often called a "snackbar").
**How to Publish:**
* **From the Campaign Dashboard:** Click the three dots on the top right to open the action's menu on the campaign card and select "*Publish*."
* **From the Edit Page:** While editing a draft campaign, you'll find a "Publish" option to activate it directly.
Once you hit publish using either of the ways shown above, a dialog box will appear as shown in the below image, asking you to confirm publishing the campaign. This dialog box will also warn you if any integrations used in the campaign are out-of-sync, indicating that the data you are basing the campaign on might not be up to date.
If there are no out-of-sync integrations, you will see a plain dialog box.
### Campaign details
The campaign details section required the following details about the campaign.
| **Field** | **Description** | **Example** |
| --------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------ |
| Name | The title for the campaign. The name is displayed in campaign reporting. | Q4 2021 Audit |
| Description | A short description to provide context on why this campaign has been created. | Review of critical systems for Q4 2021 |
| Attestation set | Optionally attach an Attestation Set to require reviewers to answer standardized questions before approving or denying access. Each campaign supports at most one attached set. | Quarterly reviewer attestations |
| Start date | The intended start date of the campaign. | Nov 1 2021 |
| Auto publish | This is used to automatically publish a campaign when the start date is reached. It is used when a campaign is setup to start at a future date. | Yes/No |
| End date | The target date a risk manager expects the campaign to be completed. | Dec 14 2021 |
| Repetition | Design a periodic schedule for the campaign to recur based on your requirement and convenience. Clicking on custom in the dropdown for this field will open a dialog box where you can enter the frequency of recurrence. | Every *1 month on the* *first day Monday.* |
| Escalation | Create an alert for the access reviews belonging to this campaign to be escalated if they haven't been completed for a certain duration before the due date. | 1 week before due date. |
| Override Defaults | Choose to override the default integration settings during multi-level reviews. Understand configuring multi-level reviews at the integration level [here](/user-access-reviews/access-review-management/configuring-access-reviews-and-campaigns/configuring-integration-specific-multi-level-review-settings.md) and overriding defaults over [here](/user-access-reviews/access-review-management/configuring-access-reviews-and-campaigns/configuring-integration-specific-multi-level-review-settings.md#note-on-overriding-integration-level-settings-in-campaigns). | Yes/No |
| Exclude Reviewers with Insight(s) |
Select specific insights that are applied to the identities of reviewers whose evaluations require escalation for an additional level of review from their line manager. To learn more please refer: /pages/HnWDmWvJGWtLMEh0vah2
| Segregation of Duties (SoD) - Insight |
| Include Nested Entities | Toggle to include nested entity access relationships in the campaign. This will show the full chain of access between entities. To learn more, refer: [Viewing your reviews](/user-access-reviews/access-review-management/tracking-campaigns-and-performing-access-reviews/viewing-your-reviews.md#understanding-the-access-provider-column) | Yes/No |
### Filter criteria
The filter criteria is used to select which identities and entitlements will be reviewed.
#### Understanding the "Has Access To" fields
The **Has Access To** fields are particularly useful in filtering based on how different entities are connected. An example of when these fields can be used:
* To select resources that an identity has access to through a connection, you can simply choose an identity as the entity type and use the Has Access To field to specify the connection that you want to see which the identity has access to.
The **Has Access To** field allows you to filter based on these Entity to Entity relationships. You can use it to narrow down data based on whether an identity has access to a resource. The one specified above is just an example for using the having field. You could get innovative and try selecting data you desire accurately if these fields are used efficiently.
#### Explanation of Fields in the Entity Filter
* **Application**: Select from the list of **applications** that have been integrated into your tenant. This helps filter entities based on specific apps. There can be multiple integrations of the same application but with different credentials.
* **Application Integration**: Choose an **application integration** that has been set up in your tenant. This allows you to filter based on the specific integration you want to focus on.
* **Entity Name**: Select the specific **name** of the entity you want to filter. For example, you can filter by the name of a resource/identity/connection.
* **Entity Type**: Choose the **type** of entity you want to filter. You can filter by **identity**, **resource or connection**.
* **Source Type**: This field refers to the terminology used in the applications that provide the data (e.g., in GitHub as the source system, a "organization-role" and a "team" are mapped as **connection entities** in our model. Here the terms "organization-role" and "team" are referred to as source types).
* **Entity Status**: This field filters based on the activity of the entity within the application. For example, it allows you to filter reviews based on an identity being inactive within the application or if the identity was suspended.
* **Entity Insights**: This filter shows entities tied to specific **insights** set up in your tenant. You can filter based on the insights you’ve created for analysis.
* **Has Access To - Name:** This field is used to look for entities which have access to a particular entity with the name mentioned under this field. For instance, you can filter by the name of a resource/connection which another entity has access to.
* **Has Access To - Type:** This field specifies the **type of the related entity** in a "Has Access To" relationship. For example, if you're filtering to find entities that have access to a particular *resource*, you would select 'resource' here. Similarly, if you want to find entities that are accessed *through* a specific *connection*, you would select 'connection'.
* **Has Access To - Source Type:** This field allows you to filter based on the **source-specific terminology** of the related entity in a "Has Access To" relationship. For instance, if you're looking for identities that have access through a connection whose original source type was "team" (from GitHub), you'd use this field.
* **Has Access To - Status:** This filter allows you to specify the **activity status of the related entity** in a "Has Access To" relationship. For example, you could filter for identities that have access to resources that are currently 'inactive'.
* **Has Access To - Insights:** This filter allows you to narrow down results based on **insights tied to the related entity** in a "Has Access To" relationship. For instance, you could find connections that have access to resources flagged with a specific "SoD" insight.
* **User**: Filter entities based on the **user** selected. This is useful if you want to see data mapped to a specific user.
* **Job Title**: Filter based on the **job title** of users. For example, you can filter for all data associated with users who have the job title "Engineer."
* **Department**: Use this filter to select entities tied to a **department** users belongs to. You can filter data based on the department.
* **Manager**: Filter by a **manager**. This helps you select data tied to users managed by the person you select.
* **Employment Type**: Filter entities based on the **employment type** (e.g., full-time, part-time) of users.
#### **Include versus Exclude**
The filter criteria has two tabs: Include and Exclude.
* Include filters add (or include) particular entitlements that match the filter conditions. For example, setting the `Application: Jira` include filter condition will add all identities and entitlements for the *Jira* *application* to the campaign to be reviewed.
* Exclude filters remove (or exclude) entitlements that match the conditions from the campaign. For example, setting the `Department: Operations` exclude filter condition will remove all identities and entitlements for those employees whose *department* is *operations* from the list to be reviewed.
#### Examples: Using Include and Exclude Together
Here are a couple of simple scenarios to illustrate how "Include" and "Exclude" filters work together:
**Scenario 1: Reviewing Non-Intern Engineers**
Imagine you want to review access for **all engineers** in your organization, but you specifically want to **exclude** any engineers who are **interns**.
Here's how you would set up your filters:
* **Include Tab:**
* Add a filter: `Job Title` **is** `Engineer`
* *(This brings in all identities and entitlements associated with anyone whose job title is Engineer.)*
* **Exclude Tab:**
* Add a filter: `Employment Type` **is** `Intern`
* *(From the set of engineers you just included, this then removes any that have an 'Intern' employment type.)*
Your review campaign will now focus only on non-intern engineers, demonstrating how "Include" casts a broad net, and "Exclude" precisely refines the selection.
***
**Scenario 2: Jira Access Excluding Operations Department**
Consider a case where you want to review all identities that have access to your **Jira application**, but you need to **exclude** any identities belonging to employees in the **Operations department**.
Here's how you would set up your filters:
* **Include Tab:**
* Add a filter: `Application` **is** `Jira`
* *(This brings in all identities and entitlements related to the Jira application.)*
* **Exclude Tab:**
* Add a filter: `Department` **is** `Operations`
* *(From the Jira-related identities you just included, this then removes any whose associated employee works in the Operations department.)*
The combined query ensures that your review campaign will now focus only on identities with Jira access, *except* for those employees in the Operations department.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.balkan.id/user-access-reviews/access-review-management/configuring-access-reviews-and-campaigns/creating-campaigns.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.