Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

This article describes the approval handling for certificates in the Workplace package in Smart ID Identity Manager. The approval step is used in different use cases for Smart ID Identity Manager, such as Enroll profile, and Lock certificate. For more information, see Smart ID Workplace use cases.

The approval handling is used when someone else must approve something before you can proceed with the use case.

To approve or reject a request, you must have the Workplace certificate agent role in Identity Manager Operator.

Create approval request

 Create approval request for enrollment (P10, P12, ACME, SCEP)

Depending on the approval settings of the certificate profile, either an approval for enrollment is required or not. 

Use case details

 Overview and technical details
Sub process description

A Workplace certificate agent wants to have a general sub-process for approval scenarios to create the initial request with all relevant information depending on locking a certificate or enrolling a certificate profile.

Outcome

The request for approval has been created and needs to be approved by using another process.

Symbolic name

AssetsProcApprovalRequest

Process name

Approval request

ComponentIdentity Manager Operator
Process startSub-process being called
 Create approval request for revocation/locking

Depending on the approval settings of the certificate profile, either an approval for locking/revocation is required or not. 

Use case details

 Overview and technical details
Sub process description

A Workplace certificate agent wants to have a general sub-process for approval scenarios to create the initial request with all relevant information depending on locking a certificate or enrolling a certificate profile.

Outcome

The request for approval has been created and needs to be approved by using another process.

Symbolic name

AssetsProcApprovalRequest

Process name

Approval request

ComponentIdentity Manager Operator
Process startSub-process being called

Approval handling

 Approval handling process

When an approval is needed, an information text is displayed in Identity Manager Operator and you will receive an email with information that there is an approval request sent.

  1. Log in to Identity Manager Operator with your admin account.
  2. Go to the Search page.
  3. Select Workplace request, click Search and navigate to the request.
  4. Select Approve request (on requests with the state "Requested").
  5. Select one of the following:
    • Approve: The requester receives an email notification that the request is approved.
    • Reject: Add information in the Reason for rejection text field. The requester receives an email notification that the request is rejected.
    • On hold: The request remains in the same state and you can approve/reject it later.

Depending on the type of approval request there may be additional steps needed, for example for P10 and P12 certificate requests. 

 Delete request
  1. Log in to Identity Manager Operator with your admin account.
  2. Go to the Search page.
  3. Select Workplace requests and navigate to the request. 
  4. Select Delete request

Use case details

 Overview and technical details
Sub process description

A Workplace certificate agent wants to approve or reject an enrollment request.

An operator wants to have a general sub-process for all approval scenarios.

Outcome
  • The approvers receive an email notification that there is an open request for approval
  • If the request is approved, the end state for the approval is "approved"
  • If the request is rejected, the end state for the approval is "rejected"
  • The requester receives an email notification that the request is approved or rejected

Symbolic name

AssetsProcApproval

Process name

Approval request

ComponentIdentity Manager Operator
Process startSearch>Workplace request>Search for requests in state "Requested">Approve request
  • No labels