Skip to content

Overview

Hire2Retire enables organizations to assign birthright-based access to employees automatically. With the introduction of the Access Request feature, Hire2Retire extends this capability by allowing employees to request additional access or group memberships when required.

The Access Request feature provides a structured, auditable, and automated way for employees to request access while giving organizations full control over who can review requests, which entitlements can be requested, and how access is fulfilled and revoked. Approved requests are automatically fulfilled by Hire2Retire and revoked when the configured time limit expires, ensuring both flexibility and security.

Request Page

Key Concepts

The following terms are used throughout the Access Request feature:

  • Entitlement: Refers to membership in a group.

  • Request: A request created by an employee to gain access to an entitlement or an application available in the catalog.

  • Review: The approval or rejection decision taken by designated reviewers for a request.

  • Fulfillment: The final step in processing a request, where the recipient is added to the requested group after approval.

Feature Overview

The Access Request feature enables organizations to:

  • Allow employees to request access to approved entitlements
  • Define who can review requests, such as group owners, the recipient’s manager, or one or more named individuals
  • Automatically fulfill approved requests through Hire2Retire
  • Automatically revoke access when the configured time limit expires
  • Maintain full visibility and audit trail of all access requests

Admins and Editors can configure the feature, while anyone with an email from the domain can request and review access based on assigned roles and policies.

User Experience Overview

The section includes the following areas:

  • My Requests
    View requests created by or for the user and create new access requests.

  • Review
    Review and act on requests assigned to the user. Admins and Editors can view and review all requests.

  • Configuration
    Configure the Access Request feature, reviewers, and catalog visibility (Admin and Editor only).

Request Lifecycle

Each request progresses through the following statuses:

  • Pending – The request has been created and is awaiting review
  • Approved – The request has been approved and is ready for fulfillment
  • Rejected – The request has been rejected by a reviewer
  • Fulfilled – The recipient has been added to the requested group
  • Revoked – The entitlement has been removed after the configured time limit expires

Each status is visually represented to help users quickly understand the request state.

Hire2Retire automatically sends notifications for key events in the request lifecycle when a request is created, fulfilled, rejected, or revoked.

These notifications are enabled by default and cannot be disabled or customized.

Summary

The Access Request feature introduces a secure and automated approach to managing access beyond birthright entitlements. By combining configurable approval workflows, automatic fulfillment, and time-based revocation, Hire2Retire enables organizations to balance employee productivity with strong access governance.