Approve or deny requests for Azure AD roles in Privileged Identity Management
With Azure Active Directory (Azure AD) Privileged Identity Management (PIM), you can configure roles to require approval for activation, and choose one or multiple users or groups as delegated approvers. Delegated approvers have 24 hours to approve requests. If a request is not approved within 24 hours, then the eligible user must re-submit a new request. The 24 hour approval time window is not configurable.
Determine your version of PIM
Beginning in November 2019, the Azure AD roles portion of Privileged Identity Management is being updated to a new version that matches the experiences for Azure resource roles. This creates additional features as well as changes to the existing API. While the new version is being rolled out, which procedures that you follow in this article depend on version of Privileged Identity Management you currently have. Follow the steps in this section to determine which version of Privileged Identity Management you have. After you know your version of Privileged Identity Management, you can select the procedures in this article that match that version.
Open Azure AD Privileged Identity Management. If you have a banner on the top of the overview page, follow the instructions in the New version tab of this article. Otherwise, follow the instructions in the Previous version tab.
Follow the steps in this article to approve or deny requests for Azure AD roles.
View pending requests
As a delegated approver, you'll receive an email notification when an Azure AD role request is pending your approval. You can view these pending requests in Privileged Identity Management.
Sign in to the Azure portal.
Open Azure AD Privileged Identity Management.
Click Azure AD roles.
Click Approve requests.
You'll see a list of requests pending your approval.
Select the requests you want to approve and then click Approve to open the Approve selected requests pane.
In the Approve reason box, type a reason.
The Status symbol will be updated with your approval.
Select the requests you want to deny and then click Deny to open the Deny selected requests pane.
In the Deny reason box, type a reason.
The Status symbol will be updated with your denial.
Laster inn tilbakemelding ...