Creating Access Request: Template Based Requests and Configuring End User Personalization forms for use with Access Request: Template Based Requests in GRC 10.0/10.1
The purpose of this post is to demonstrate how to create Template Based Requests and make them available for provisioning in SAP. This document will demonstrate how to customize and associate End User Personalization forms for use with Access Request: Template Based Requests.
Template Based Requests are an effective way to provision access in SAP environments. Security administrators can create pre-defined templates with specified roles for each back-end environment to simply provision requests for end users. In addition, templates can leverage the Business Role Concept from Business Role Management in GRC 10.0/10.1 to provision bundled composites and singles roles across multiple back-end environments. The following steps outline the process to follow when implementing template based requests:
Step 1: Customize EUP personalization
Access the GRC IMG via t_code SPRO followed by menu path:
Governance, Risk and Compliance> Access Control> User Provisioning> Maintain End User Personalization
Step 3: Customize the EUP Copy
Select the new EUP personalization form and double click the maintain EUP fields folder.
Select fields to include or exclude in the Template Based Request and save.
Choose single, composite, or business role, move role down and select OK.
Template Based Access Requests can take some time to configure, but the benefits gained simplifying access requests for end users often makes this an easy enhancement to justify for your GRC environment.