Access Gateway for Cloud provides the ability to approve or deny requests to the SaaS applications. During the configuration of the connector, you specified an application owner. The application owner approves or denies requests for access to the SaaS applications.
The application owner knows who should have access to the SaaS applications, whereas the appliance administrator might not have this knowledge.
By default, Access Gateway for Cloud automatically provisions users according to mapping authorizations. To enable approvals:
Select Approval when you map the authorizations from Active Directory to the SaaS applications on the PolicyMapping page.
Access the Approval page at:
Select the desired authorization, then click Approve or Deny.
NetIQ recommends a maximum of 2,000 simultaneous approvals.