Request Access

Last modified on March 15, 2025

This feature is part of the Enterprise plan. If it is not enabled for your organization, please contact StrongDM at the StrongDM Help Center.

An access request can be made for a resource that is assigned to a workflow in your StrongDM organization. For more details on how workflows are created and managed, see the Workflows page.

The Request Access page in the Admin UI has two tabs, Catalog and Requests. The Catalog is a listing of resources that are available to request. The Requests tab shows a list of your requests as well as any that you are eligible to approve.

Catalog

List of Available Resources That Can Be Requested

The Catalog tab contains a tabulated list of all of the resources that the user can request to access. These resources are made available via workflows that have a role(s) selected to allow all users with that role(s) to request access.

With the Catalog tab, your users can look for resources that they need, and request access to them from the Admin UI. Of particular use for organizations with large numbers of resources, the list is also searchable and has filters available to narrow down results by the values of the same fields shown in the list of resources. The list contains the following fields:

Field	Description
Access	Current status of your access to this resource
Authentication	Type of authentication used for this resource (leased credential or Identity Alias)
Health	Whether the healthcheck for the resource is successful or not
Name	Resource name
Tags	Any tags attached to this resource
Type	Resource type

Access field values

The Access field in the Catalog table can have the following values:

Value	Description
Available	Available to request
Granted by role	Available to request, but already granted by a role
Granted by temporary access	Avalable to request, but already granted by a temporary access grant or approved access request
Pending	Request pending review

Make a request

From the resource catalog, you may request access to any available resource. You may make a request for as many resources as you need to access in a single request, or you can make individual requests for each resource.

Once you click the button to request access, you are asked some questions about the access you require. You can set the time zone of the request to avoid miscommunication around timing, and then choose the date and time that you desire access to start and end. A helpful date picker as well as a shortcut box for common times makes the request process even faster.

Your request must have a duration that is less than or equal to the maximum duration set by your StrongDM administrator. Requests automatically time out if they have been pending for 30 days. If your organization has set up a fixed duration for all access requests, the start date will still be able to be chosen, but there will be no way to select a duration for the request.

The question Why do you need access? is a critical one, as in some cases it may be the only thing that provides context to the individual who is approving the request. Depending on the request in question and the policies of your organization, an answer here without relevant details may result in a denied request.

Lastly, you can review your request in text format to make sure that you have requested the correct resource for the correct times.

If a request for access to a resource is already in progress, a new request cannot be made. If a previous request was denied, however, the status of that resource in the list returns to Available and a repeat request can be made.

Depending on the settings determined by your administrator, you may be allowed to make more than one request for a particular resource at a time. For example, if three requests are allowed for a single resource, and you have two requests already pending, you may still make another request to access that resource.

Requests

The Requests tab contains a tabulated list of all recent access requests that have been made in this organization. Users viewing the Requests tab are able to see the list of every request for which they are a valid approver, as well as requests that they initiated themselves.

Field	Description
Access Details	Time and date that the request was terminated, and the type of termination
Request Status	Explanation of the current state of the request
Requested	Name of the resource being requested
Requester	Name of the requester
Submitted	Time and date the request was submitted

Request Status values

The Request Status field gives a value that explains the current state of the request.

Value	Description
Approved	Request previously approved
Canceled	Results when requested resource is removed from the workflow
Denied	Request previously denied
Pending	Request yet to be reviewed
Timed out	Results when requested end date for the pending request passes without being approved or denied

Access Details values

The Access Details field gives a value that indicates the time and the date that the request time window ended or will end, and the reason for the expiry.

Value	Description
Active until…	Previously approved request with current access granted
Expired on…	Previously approved request whose requested time window has elapsed
Requested until…	No approval or denial response yet
Revoked on…	Previously approved access that was revoked before the requested time window had elapsed

Request Access

Catalog #

Access field values #

Make a request #

Requests #

Request Status values #

Access Details values #