These settings control the behavior of the role management components of identity applications. The Role Container, Role Request Container, and Default Role Approval Definition show the LDAP settings that are saved in the Identity Vault during installation.
The container where all the roles are stored.
The container where all the role provisioning requests are stored.
This determines the default workflow used for role assignment or revocation process.
Specifies the grace period in minutes which determines the time difference between removing the role assignment and dissociating entitlements from the role.
Enable the respective options in this setting to trigger an approval process before a role is assigned to groups, containers, or mapped to another role. The approval process will be triggered only if the approval is configured for that role. When this setting is disabled, the role will be assigned to the recipients directly, without seeking approval. The approver(s) will not receive an email notification, although the email approval setting is set as enable.
By default, the Enable Role Approval is disabled for Role to Role, whereas it is enabled for Role to Container and Role to Group options.
You can change the display names of Role Levels for all supported languages. To change the language, see Change Language.
Click Apply to save your changes.