We have a requirement where customer has created Application Roles and looking forward for a requirement to make this role time based.
Customer has various roles in environment which is configured to be allowed for 1 year or 6 months.
1. There is a config name Default Time Frame on Roles. Can you please help in understanding the usage of the same?
2. I have configured 720 (30 Days) on this parameter, but what I see that there is no restriction on End Date and I can make a request for more than specified Date? Is this parameter to behave in this way?
3. If not, Can you please confirm how can I enable a maximum allowed time frame for the role?
Customer is looking for a popup message or restriction in case there is violation.
Solved! Go to Solution.
As far as I know, there are no provisions for making Application Roles time based in a true sense. These are only applicable for Emergency Role (Fire Fighter Roles).
In Emergency Roles, you can provide a Default Time Frame (say 4 hours) and a Maximum Time Frame (say 8 hours) which can be configured.
You could use Enterprise Roles instead of Application Roles and configure the start date and end date as mandatory in the global configs and provide a default time frame at the role level.
However this does not restrict the requestor to "extend" the end date since Max Time Frame is not available for even Enterprise Roles.
Many thanks for the explanation.
I have used below configuration to make start date and end date mandatory for application roles also: Ask For Start Date End Date While Adding Application Role along with Entitlements Request
Anyhow, any recommendation how can we capture this requirement? Customer has a requirement that the requested app role must have maximum validity for request for 1 year.
Also, what is the actual usage of Default Time Frame on Application Roles?
Thanks and Regards,
Can you explain what is the actual usage of Default Time Frame on Application Roles & Enterprise Roles?