In Zilla, you can configure your applications and permissions to be requestable through your Jira Service Management request portal. 

Enabling Applications to be Requestable

You can specify which applications are available for requests in your Provisioning portal.

Option 1 - Using the Provisioning / Configure Applications menu, enable each application to be requestable or using the Take Action capability to enable multiple applications.

Open

Option 2 - From within the Application’s Profile tab, Access Request Summary section, using the Edit capability you can enable the application for access requests, set the approval assignment workflow and specify the default fulfillment method for the application.

Open

Specifying the approval assignment workflow

Zilla automates the approval assignment for access requests. You can select which approval assignment workflow is used for each application.

• Business Owner - The Business Owner of the application being requested will be assigned to the request ticket for review and approval.

• Supervisor - The Supervisor of the user for whom the access is being requested for will be assigned to the request ticket for review and approval.

• Supervisor & Business Owner - Both the Supervisor of the user for whom the access is being requested for and the Business Owner of the application will be assigned to the request ticket for review and approval.

• Permission or Resource Owner - If an owner is assigned to the permission, they will be assigned to request ticket for review and approval. If this option is selected and no permission owner is available, then the Business Owner of the application will be assigned to the request ticket for review and approval.

Specifying the fulfillment method

A fulfillment method can be selected to specify how application accounts and permissions are granted for the user.

• Auto-API - Applications that have direct API connections and are enabled for provisioning will have this option available. If selected, all permissions will initially be set to being requestable using the API. These settings can be adjusted at the individual permission level.

• Auto-IdP - Applications that use and are provisioned through your Identity Provider (such as Okta, Azure Active Directory/Entra ID) can be setup. If selected, all group permissions will initially be set to being requestable and available for association with the Identity Provider’s respective group. These settings can be adjusted at the individual permission level.

  • Note: Identity Providers are only available for selection if they are requestable and configured with API provisioning.

• Service Desk - Applications that follow a manual process for granting access are assigned to the Service Desk for fulfillment.

Editing permissions request and fulfillment capabilities 

Individual permissions (permissions, groups, roles, etc.) within applications can be enabled/disabled for requests. Permissions enabled for requests will be available on the request form and portal. The fulfillment method for the permission specifies if the Service Desk will provision the access or automated provisioning will be used, either using the API connectivity or through the Identity Provider.

Auto-API - Applications using native API and are enabled for provisioning can directly fulfill requests for permissions. The fulfillment method for a permission can also be set to Service Desk for a user to take action on.

Auto-IdP - Applications that are configured to provision and provide access through your Identity Provider can have the permissions assigned to a corresponding Identity Provider group that will provide and provision the access.

Service Desk - Applications that are configured to provision access through the Service Desk interaction.