Introduction
End usersEvidian Approval Workflow
Approval Workflow enables enterprises to put in place efficient responsibility chains to automate user lifecycle management. For example, end users can request access right updates and administrators can enroll new employees. All these requests are sent to approval authorities who grant or reject them. Thus, Approval Workflow is an added value to the deployment of reliable IAM projects.
Architecture
Approval Workflow can be used in conjunction with Evidian Policy Manager, ID Synchronization , User Provisioning, Evidian Enterprise SSO, SAM Web and SAM J2EE.
The Approval Workflow module provides:
- A workflow engine (based on the concepts of Processes and Activities)
- A simple and efficient graphical interface for modeling enterprise processes
- Web forms through which all workflow users can act on the workflow
User profiles
Three workflow user profiles can be defined:
- Conceptors: the people in charge of defining the enterprise processes
- Users: anybody who participates in a workflow process: for example, an end user, an AccessMaster administrator requester, or an approval authority
- Operators: the people in charge of administering the workflow processes, for example cancelling activities, viewing logs and histories
How an approval workflow works
A process is activated upon a user's request. This request automatically reaches an authority in charge of its approval, who is informed by an e-mail including a hypertext link to a reply form. Then, an approval authority can grant, reject, or forward the request. The process ends when the request is granted or rejected.
Escalation and delegation
On time-out, the approval procedure may be subjected to escalation to other authorities. An approval authority may also choose to delegate his or her task over a specific period. In this case, the workflow engine sends the request to the delegated authority.
