<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Manager Approval not Working within OIG Access Requests
May 13, 2025
Identity Governance
Overview

After getting Okta Identity Governance (OIG) enabled, the approval is not working as expected within an Access Request. The approval action is not working when the Requestor's Manager is assigned. The users seem to have the managers properly configured, but the approval remains unassigned.
 

Steps to Reproduce

  1. Create a new Request Type.
  2. Add an approval task.
  3. Select Requester's manager on the Assigned to field.
  4. Test the request with a user that has a manager on their profile.

The approval task remains unassigned or is assigned to an incorrect reviewer.


NOTE: This solution applies just to Access Requests. For Access Certification, the mapping cannot be altered; however, when a Campaign is configured for the reviewer, instead of using the Manager selection for the reviewer, use Okta Expression Language to point towards the attribute that contains the manager's Okta username or email. 

Applies To
  • Okta Identity Governance (OIG)
  • Access Requests
Cause

By default, the managerValue attribute in the Access Requests app maps to the user.managerID value. If the user.managerID value is not set as the Okta username or email address of the user's manager in the user's profile, the Access request cannot be properly automatically assigned to the requester's manager.

Solution

Map the desired Okta manager attribute from the user's Okta directory profile to the Okta Access Requests application in the Okta Admin console:

  1. In the Okta Admin console, navigate to Directory > Profile Editor > Apps > Okta Access Requests User and select Mappings, then go to the Okta User to Okta Access Requests tab.
  2. Select the attribute that defines the manager to be assigned to access requests and map it to the managerValue. For example, a custom attribute called user.managerEmail could be used:
Mappings


After applying the new attribute mapping, future access requests should now be directed to the user's manager.

NOTE: The user manager's account must be in an active status; otherwise, the approval task will remain unassigned. Review 'About user account status' for further information.

Recommended content

Still looking for help?
Loading
Manager Approval not Working within OIG Access Requests