Approving or rejecting a sponsor user in case of SSO

A sponsor administrator must approve or reject the onboarding requests by sponsor users.
Note: In case of role change in the external system after onboarding a user into IBM PEM, the user will be moved to approval pending status. An email notification is sent to the sponsor administrator and the user will be redirected to the approval pending screen.
By default, the most recent modified registration requests will appear first. You can select one or more check boxes to show only the registration requests with one of the following status types:
  • Active
  • Approval Pending
  • Inactive
  • Rejected

Also, you can sort columns by clicking the column header. If the list of users takes more than one page, you can navigate the list by clicking Next, Last, or any particular page number.

  1. Sign in to PEM Portal as a Sponsor Administrator.
  2. Click Directory > Users.
    The list of sponsors is displayed, and the users are displayed as Approval Pending in the Status column. You can select the number of items that are displayed per page in the Show 10 per page field. The default is 10 items, but you can choose to display fewer items or more items.
  3. In the Actions column, click Approve/Reject.
    The User Approval window opens.
  4. Review the Account Information. Click Next.
  5. Verify or Assign the following permissions to the user.
    • In case of a new user registration, verify auto populated role.
    • In case of role mismatch between IBM PEM and external system, you should verify role change in the message.
    • In case of a users' role does not match any of the allowed roles or matches multiple roles, permissions will be disabled. Contact your system administrator to update the users' role mapping, then proceed to the approval screen and select a valid role for the user.
    • In case of invalid role mapping between IBM PEM and external system, you must assign one of the following permissions by contacting the system administrator:
      • Sponsor Administrator,
      • Line of Business (LOB), or
      • Sponsor Standard User.
  6. Click Next.
  7. Type any comments in the Comments box, and choose one of the following options:
    • Click Approve to approve the sponsor user. The list of users is displayed. The sponsor user is displayed as Active in the Status column. An email notification is sent to the sponsor user.
    • Click Reject to reject the sponsor user. The list of users is displayed. The sponsor user is displayed as Rejected in the Status column. An email notification is sent to the sponsor user.

In case of role change of the primary sponsor administrator, refer to the below instructions:

  • The change of role of primary admin in LDAP is not applicable to IBM PEM as PEM doesn't allow the role change of primary administrator.
  • As the new role doesn't match with PEM primary admin role, the user will not be allowed to access IBM PEM.
  • To fix this issue, IBM PEM system administrator with the help of LDAP system administrator need to revert the role.