Validation for account types
In the new UI Access request process, there is an additional server-side validation performed after you click the Next button. This validation also includes the implicit set of the default account types that you defined in the customer setting RoPE:Default Account Type UID. The purpose of this validation is to ensure that the Access request meets certain requirements.
The validation checks for the following conditions:
-
The identity has an account for each resource. This means that the identity must already have an associated account for each resource you are requesting access to.
-
The requested resource contains an account resource for the system to which it belongs, and the identity who request the access is not a Technical identity.
-
The system or the resource type is configured with Auto create accounts set to True and the identity is not a Technical identity.
Only one of these conditions should met to have the validation for the account types.