Skip to content

Overview

Hire2Retire enables organizations to assign birthright-based access to employees automatically. With the introduction of the Access Request feature, Hire2Retire extends this capability by allowing employees to request additional access when required.

The Access Request feature provides a structured, auditable, and automated way for employees to request access while giving organizations full control over who can review requests, which entitlements or applications can be requested, and how access is fulfilled or revoked.

Request Page

Key Concepts

The following terms are used throughout the Access Request feature:

  • Entitlement: Refers to membership in a group.

  • Application: An application to which a user can request access.

  • Request: A request created by an employee to gain access to an entitlement or an application available in the catalog.

  • Review: The approval or rejection decision taken by designated approvers for a request.

  • Fulfillment: The final step in processing a request, where the recipient is granted access to the requested group or application after approval.

Feature Overview

The Access Request feature enables organizations to:

  • Allow employees to request access to entitlements or applications
  • Define who can review requests, such as group owners, the recipient’s manager, or one or more named individuals
  • Automatically fulfill approved entitlement requests through Hire2Retire.
  • Support manual fulfillment for application requests, depending on the configured fulfillment mechanism
  • Automatically revoke access when the configured time limit expires
  • Support manual revocation for application access, where application owners explicitly mark the request as revoked.
  • Maintain full visibility and audit trail of all access requests

Admins and Editors can configure the feature, while users with an email from the organization’s domain can request and review access based on assigned roles and policies.

User Experience Overview

The section includes the following areas:

  • My Requests
    View requests created by or for the user and create new access requests.

  • Review
    Review and act on requests assigned to the user. Admins and Editors can view and review all requests.

  • Configuration
    Configure the Access Request feature, approvers, and catalog visibility (Admin and Editor only).

Request Lifecycle

Each request progresses through the following statuses:

  • Pending – The request is awaiting review
  • Rejected – The request has been rejected by an approver
  • Approved – The request has been approved by an approver
  • Awaiting Fulfillment – The request has been approved and is waiting to be fulfilled
  • Fulfillment Failed – The request could not be fulfilled due to an internal dependency.
  • Fulfilled – Access has been successfully granted to the recipient
  • Awaiting Revocation – Waiting for access to be revoked
  • Revocation Failed – The access could not be revoked due to an internal dependency.
  • Revoked – The access has been successfully removed

Each status is visually represented to help users quickly understand the request state.

Hire2Retire automatically sends notifications for key events in the request lifecycle when a request is created, fulfilled, rejected, or revoked.

These notifications are enabled by default and cannot be disabled or customized.

Summary

The Access Request feature introduces a secure and automated approach to managing access beyond birthright entitlements. By combining configurable approval workflows, automatic fulfillment, and time-based revocation, Hire2Retire enables organizations to balance employee productivity with strong access governance.