Create a Request Type
This page explains the general process of creating a Request Type for Okta Access Requests. For a more specific example, see Create a sample Request Type.
Before you begin
- Create an Access Requests team
- Push Okta groups to Access Requests
- To use a requester's manager as approver, ensure that the managerId user attribute in Okta is set as the Okta username or email address of the user's manager. Otherwise, the request's assignee has to manually specify an approver for the request.
- To use group owner as an approver in requests, take the following considerations into account:
- If the owner of a group in Okta is another Okta group, this group must be pushed to Access Requests in order for it to be used as an approver.
- If you want to assign group owners as approvers for a Request Type, ensure that you have group owners configured in Okta. See Group ownership.
- If there are multiple group owners, only one group owner needs to review and take action on the request. So if a group member approves or revokes access for a request, the request is marked as completed for all owners.
- If the number of group owners within a group is greater than 10, then requests are randomly assigned to 10 group owners.
Start this task
-
Open the Access Requests Admin Console.
-
On the left panel, click Access Requests.
-
Click Create Request Type.
-
From the editor window, configure the general settings.
Setting Action Icon Select an icon to identify the Request Type. Name Specify a name to identify the Request Type. Description Enter a description. Team Select a team to manage the Request Type. Any requests that use this Request Type are assigned to this team. Audience Select a specific Okta group allowed to submit requests using this Request Type or make it available to everyone within your Okta org. Mark as done automatically Enable to automatically close the request after all questions and tasks are complete. Note: This setting requires at least one task or question assigned to an approver.
-
Add questions to collect information from users.
-
In the central panel, click Question. The system adds a blank question.
-
On the right panel, configure the question settings.
Setting Action Text Specify the default text displayed in the question. Make it a required field Select to mark the question as needed. Type Specifies the input type for the question. Options include:
- Text: Allows users to enter up to 100 characters
- Date: Allows users to specify a date
- Dropdown: Allows users to select from a predefined list
Custom options Click Add option to specify one or more custom choices available for your end users to select. You can’t reuse the custom options you define here in another Request Type. We recommend that you create a custom list if you want to reuse custom options in multiple Request Types. See Create a configuration list.
Note: This field is available after setting the Type setting to Dropdown.
Configuration items Specify a configuration list synced from an existing connection. See Create a configuration list.
Note: This field is available after setting the Type setting to Dropdown.
Assigned to Specify the person, or Okta group responsible for completing the task.
-
Optional. Click Question to add more questions.
A requester can't modify answers to the questions after they submit the request.
-
-
Add tasks to prompt actions from a user.
-
In the central panel, click Task. The system adds a blank task.
-
On the right panel, configure the task settings.
Setting Action Text Specify the default text displayed in the task. Make it a required field Select to mark the task as needed. Type Specifies the input type for the task. Options include:
- Custom Task: Assigns the task to a user for action.
- Approval Task: Assigns the task to a user or group for review and approval.
- Action Task: Adds specific actions related to a configured integration. The system can complete these tasks automatically or assign them to a team.
Note: Before adding action tasks, admins must manually enable access to third-party integrations for the related team. See Create an Access Requests team.
Assigned to Specify the person, Okta group, or group owner responsible for completing the task.
Due date Specify a time-frame to complete the task within. -
Optional. Click Task to add more tasks.
-
-
Optional. Add a timer to control the flow and timing of follow-up actions.
Timers can last for up to 90 days. If a duration or date is specified outside the limit, the timer still ends after 90 days. After the timer expires, the request begins any followup actions. The timer ignores any changes to the request that would change the end date of the timer.
-
In the central panel, click Timer. The system adds a blank timer.
-
On the right panel, select and configure a timer type.
Timer type Action End after duration Select to end the timer after a specified number of days, hours, or minutes. Under How long should this timer be?, enter a value and choose a unit of time.
End on Date Select to end the timer on a specific date. The timer ends at 12:00am in the requesters time zone. Under End this time using, select an existing date field, or create a field. When the system processes a request, the date specified in this field controls when the timer ends.
Note: If the request specifies a date in the past, the timer ends immediately.
-
-
Optional. Configure conditional logic for tasks or questions.
-
Select a task or question.
-
On the right panel, open the Logic tab.
-
From the drop-down menu, select Only show this task if. By default, the system displays every question.
-
Select another question or task.
-
Specify a logical operator and content to match against.
-
Optional. Add more conditions.
-
- Click Publish.
The system makes the Request Type available to the specified audience.