Skip to Content

Remove action

I have noticed a REMOVE action under Request Type configuration. What does this action do? Remove all roles? Allow the request to show the REMOVE provisioning action?

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • Posted on Feb 11, 2019 at 10:45 PM

    Hi Matthew

    I've had a bit of a search of the code to see this. So far, it's looking like the action for remove is relating to FF Id, SOD, and UAR review processes (i.e. 3 MSMP workflows for access reviews) where the risk/role to user is flagged as REMOVE action. I suspect it also applies to an access request where the existing roles can be set to remove as well (but for access requests like request type 002 change user, I'm wondering if assign object is picking up these scenarios). Also, User Reaffirm process might use it as for remediation purposes.



    Bit more reading and it looks like HR trigger will use the 009 remove as well. Looking at note: 1728790 it looks like making sure expired roles on positions didn't appear in status retain. IdM uses the 006/009/010 for Assgin/Remove/Retain Roles - seems to be the frequent layout for provisioning options for roles.


    Got me a bit curious now to map it out (another item for my invisible list).



    I'm not sure if you can create a request type with action remove to empty all roles from a use as part of account deactivation process.

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.