RSA Product Set: RSA Governance & Lifecycle
RSA Version/Condition: 8.0 P06
Upon creating an entitlement fulfillment request with the revocation dates included, two distinct requests are created: one for the initial fulfillment of the entitlement and a separate one for its removal. If the fulfillment request is rejected, the associated revocation request remains active and unlinked.
When a Change Request is created with a revocation date, 2 requests get automatically created: one for Access, another for the revocation. The revocation request is an independent request which follows the Workflow associated with it.
Actions performed on Access granting Change Request will not impact the revocation Change Request as they are independent and will function as per their separate Workflows are configured. Change Requests' Workflow paths can neither be modified nor stopped by other Change Requests as both are independently created.
This is functioning as designed.
One of the approach is not to create the revocation Change Request immediately when Add access request is generated, but instead to create the revocation Change Request only when the revocation date arrives. By doing so, if the Add Access Change Request is Rejected before the revocation date the revocation request itself will not be created.
Related Articles
When a role is removed from a user based on a revocation date, the entitlement(s) belonging to that role are not removed f… Number of Views Why automatically generated revocation requests do not add back revoked requests on a revocation date in RSA Identity Gove… Number of Views Auto generated revocation requests Stuck in Fulfillment Phase with AFX errors in connector logs If any Change Item rejecte… Number of Views How the Pending Revoke category functions in the default reviewer interface style of the User Access Review in RSA Identit… Number of Views A revocation request executes immediately in RSA Identity Governance and Lifecycle if the revocation date is defined beyon… Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
