Create an Access Requests team
Create Access Requests Teams to organize users into logical groups. You can create a Team that has a structure similar to that of an existing department or customize it to fit specific business needs. By default, Access Requests creates an empty IT team for every organization.
Teams can share one or more team members. However, each Team is responsible for creating their own Request Types and managing the requests associated with the Request Type. Team members ensure that requests reach the correct stakeholders or approvers and receive proper oversight.
As an admin, you can change the team that owns a Request Type, if the Request Type is still in the draft stage. You can also assign a team to a resource so that the team members can use the resource in automated tasks.
Okta recommends that you use teams to manage the administrative aspect of Request Types and requests rather than assigning team members as task approvers in a Request Type. Okta recommends that you use groups to manage approvals within a Request Type.
Access Requests automatically assigns an email address to each Team that requesters can use to submit requests. Access Requests tries to match any emails sent to the Team’s inbox to an existing Request Type. If your organization already has an existing shared inbox outside of Access Requests, you can retain your existing process and forward emails to the Access Requests Team email.
Before you begin
Start this task
- Access the Access Requests Admin Console.
- Go to Teams and click Add Team. The Add a team window opens.
- Configure the team:
Setting Action Icon Select an icon to identify the team. Name Specify a name to identify the team. URL Specify a URL used to access the team dashboard. Description Enter a description. Members Add one or more members to the team. Only team members can edit requests associated with that team. This also applies to super administrators and access requests administrators.
- Configure the team settings:
Setting Action Invite Only Enable this setting to require an invite before a user can join the team. Request Privacy Enable this setting to mark all incoming requests as private. Private requests are visible only to the following users: Requester
Members of the team that owns the Request Type
Users explicitly assigned to the request as a follower
Private requests are useful for requests that involve potentially sensitive subjects.
By default, all users can view requests.
Access Requests admins can’t view private requests unless they're assigned to the related team or added as a follower to a specific request.
Auto-assign Enable this setting to adjust how requests are assigned to team members. Options include:
- Rotate through team members: Cycles assignments to team members in a logical order
- To a specific user: Assigns all tasks for this team to a specific member
- Click Create team.
The system creates the team and opens the team dashboard. After creating the team, most organizations integrate Access Requests with more resources. See Access Requests integrations.
When you delete a team, all Request Types and associated requests are also deleted from the Access Requests console. You can no longer view the deleted requests in the Access Requests console. You can only view them from the Past Access Requests report. See Past Access Requests report.