Skip to main content

Access Request

The Access Request process ensures that all access requests are reviewed and approved by the Owner and Technical Steward before granting access.

Step 1: Validation

General

Name: Validation

Script

  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.parse(execution.getVariable("users"))["owner"] !== undefined && 
JSON.parse(execution.getVariable("users"))["tech_steward"] !== undefined
  • Result variable: check

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Flow conditions

  • If Validation successful: proceed to Step 2.
  • If Validation failed: proceed to Step 1.1.

Step 1.1: Status updated: Validation failed

General

Name: Status updated: Validation failed

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Validation failed",
    payload: [
        {role: "others", status: "validation_failed"}
    ]
});

Step 1.2: Send notification to Business user

General

Name: Send notification to Business user

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Validation failed",
    is_completed: true,
    payload: {
        to: [execution.getVariable("invoker_id")],
        message: "Dear user, no responsible persons have been assigned. Please contact the Admin.",
        need: {
            mass_approve: false,
            response: false,
            assign: false
        },
        ui: {
            caption: "",
            assign: "",
            buttons: {}
       }
    }
});

End Event

Step 2: Status updated: Validation successful

General

Name: Status updated: Validation successful

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Validation successful",
    payload: [
        {role: "others", status: "validation_successful"}
    ]
});

Step 3: Send notification to Business user

General

Name: Send notification to Business user

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Validation successful",
    is_completed: false,
    payload: {
      to: [execution.getVariable("invoker_id")],
      message: "Dear user, please specify the reason for your access request.",
      need: {
        mass_approve: false,
        response: true,
        assign: false
      },
      ui: {
        caption: "",
        assign: "",
    buttons: {
          "approve":"Request access",
      "reject":"Cancel the access request"
        }
      }
    }
});

Step 4: Ask Business user

  • If Request access: proceed to Step 5.
  • If Cancel the access request: proceed to Step 4.1.

Step 4.1: Status updated: Cancelled

General

Name: Status updated: Cancelled

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Business user canceled the access request",
    payload: [
        {role: "others", status: "cancelled"}
    ]
});

Step 4.2: Send Notification to Business user

General

Name: Send notification to Business user

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Business user canceled the access request",
    is_completed: true,
    payload: {
        to: [execution.getVariable("invoker_id")],
        message: "Dear user, your access request has been successfully canceled.",
        need: {
            mass_approve: false,
            response: false,
            assign: false
        },
        ui: {
            caption: "",
            assign: "",
            buttons: {}
        }
    }
});

End Event

Step 5: Status updated: Pending Owner's approval

General

Name: Status updated: Pending Owner's approval

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Owner approval",
    payload: [
        {role: "others", status: "pending_owner's_approval"}
    ]
});

Step 6: Send notification to Owner

General

Name: Send notification to Owner

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Owner approval",
    is_completed: false,
    payload: {
      to: JSON.parse(execution.getVariable("users"))["owner"],
      message: execution.getVariable("expertise_text"),
      need: {
        mass_approve: false,
        response: true,
        assign: false
      },
      ui: {
        caption: "Dear user, access to this object has been requested. You can view the purpose above.",
        assign: "",
        buttons: {
          "approve":"Approve",
          "reject":"Reject with reason"
        }
      }
    }
});

Step 7: Ask Owner

  • If Approve: proceed to Step 8.
  • If Reject with reason: proceed to Step 7.1.

Step 7.1: Status updated: Rejected

General

Name: Status updated: Rejected

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Access rejected",
    is_completed: true,
    payload: [
        {role: "others", status: "rejected"}
    ]
});

Step 7.2: Send Notification to Business user​

General

Name: Send notification to Business user

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Access rejected",
    is_completed: true,
    payload: {
      to: [execution.getVariable("invoker_id")],
      message: execution.getVariable("expertise_text"),
      need: {
        mass_approve: false,
        response: false,
        assign: false
      },
      ui: {
        caption: "Dear user, your access request has been rejected. You can review the reason above.",
        assign: "",
        buttons: {}
      }
    }
});

End event

Step 8: Status updated: Access assignment

General

Name: Status updated: Access assignment

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Access assignment",
    payload: [
        {role: "others", status: "pending_TS_approval"} 
    ]
});

Step 9: Send Notification to Business user

General

Name: Send notification to Business user

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Access assignment",
    is_completed: false,
    payload: {
        to: [execution.getVariable("invoker_id")],
        message: "Dear user, your access request has been approved by the Owner and has now been sent to the Technical steward for processing",
        need: {
            mass_approve: false,
            response: false,
            assign: false
        },
        ui: {
            caption: "",
            assign: "",
            buttons: {}
        }
    }
});

Step 10: Send Notification to Technical steward

General

Name: Send notification to Technical steward

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Access assignment",
    payload: {
      to: JSON.parse(execution.getVariable("users"))["tech_steward"],
      message: "Dear user, the Owner has approved access to this object. Please proceed with granting access or provide a reason for denial.",
      need: {
        mass_approve: false,
        response: true,
        assign: false
      },
      ui: {
        caption:"",
        assign: "",
        buttons: {
          "approve":"Grant access",
          "reject":"Access cannot be granted"
        }
      }
    }
});

Step 11: Ask Technical steward

  • If Grant access: proceed to Step 12.
  • If Access cannot be granted: proceed to Step 7.1.

Step 12: Status updated: Access granted

General

Name: Status updated: Access granted

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Access granted",
    payload: [
        {role: "others", status: "access_granted"}
    ]
});

Step 13: Send Notification to Business user

General

Name: Send notification to Business user

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
    execution_id: execution.getId(),
    stage: "Access granted",
    is_completed: false,
    payload: {
      to: [execution.getVariable("invoker_id")],
      message: "Dear user, access to this object has been granted.",
      need: {
        mass_approve: false,
        response: false,
        assign: false
      },
      ui: {
        caption: "",
        assign: "",
        buttons: {}
      }
    }
});

Step 14: Grant Access action

General

Name: Grant Access action

Implementation

  • Type: Connector
  • Connector ID: http-connector

Asynchronous continuations

  • Before and Exclusive

Job execution

  • Retry time cycle: R5/PT5M

Connector inputs

Headers

  • Local variable name: headers
  • Assignment type: Map
  • Map entries:
    • Key: Content-Type
    • Value: application/json

Method

  • Local variable name: method
  • Assignment type: String or expression
  • Value: POST

Payload

  • Local variable name: payload
  • Assignment type: Script
  • Format: JavaScript
  • Type: Inline script
  • Script: 
JSON.stringify({
   execution_id: execution.getId(),
   stage: "Access granted",
   is_completed: true,
   payload: {
         scope: "read",
         permission: "allow"
    }
});

End Event

Access request schema

Access_request_schema