Access Requests

Access Requests

App Access Requests

Article Type: Configuration / How-To
Audience: Application Administrators, Enterprise Administrators
Module: Access Control
Applies to Versions: All Versions

1. Overview

App Access Requests provide a governed workflow for granting users access to applications within the Fuuz platform. This two-tier approval process ensures proper oversight while distributing access management responsibilities between local application administrators and central enterprise administrators.

Interface Naming Note: The current interface labels this feature as "Tenant Access Requests." This will be updated to "App Access Requests" or simply "Access Requests" in a future release. Both terms refer to the same functionality throughout this article.

Request Workflow Summary

Step Actor Action
1 App Administrator Creates access request with user email and business justification
2 Enterprise Administrator Reviews and approves or denies request
3 System Creates or updates Enterprise User record and grants app access
4 Requested User Receives notification and sets password if new user

Key Concepts

  • One Request Per User Per Application: Each access request grants a single user access to one specific application. Multiple requests required for multiple applications.
  • New vs. Existing Users: System detects whether user exists and either creates new Enterprise User or adds app access to existing user.
  • Role Pre-Assignment: App Administrators can optionally specify access type or role when creating request for automatic assignment upon approval.

Request Statuses

  • Pending: Request submitted and awaiting Enterprise Admin review (automatically expires in 5 days)
  • Approved: Enterprise Admin approved; user access granted
  • Denied: Enterprise Admin rejected request with reason provided
  • Cancelled: Request withdrawn before approval/denial
  • Expired: Request not reviewed within 5-day window

2. Prerequisites

For Application Administrators

  • Access Level: Administrator access type within at least one application
  • Navigation: Within application → Access Control → Access Requests (or Tenant Access Requests)
  • Required Information: User's email address and business justification

For Enterprise Administrators

  • Access Level: Administrator access type with Enterprise Admin Home access
  • Navigation: System → Access Control → Access Requests (or Tenant Access Requests)
  • Visibility: Can view all access requests across all applications

3. Procedure Steps

Creating Access Requests (App Administrators)

Step 1: Navigate to Access Requests

  1. Navigate to your application's Access Control section
  2. Select Access Requests (or Tenant Access Requests)
  3. Review existing requests and their statuses


Step 2: Create New Request
  1. Click the + (Add) button
  2. Complete the request form:
    • Requested For User Email (required): Email address of user needing access
    • Tenant (required): Pre-filled with your application
    • Request Reason (required): Clear business justification with specific details
  3. Optionally specify a role for automatic assignment upon approval
  4. Click + (Submit) to create the request


Step 3: Monitor Request Status
  • Request enters Pending status
  • Enterprise Administrators receive email notification
  • Request expires automatically in 5 days if not reviewed
  • You receive email notification when request is approved or denied

Reviewing & Approving Requests (Enterprise Administrators)

Step 1: Navigate to Access Requests

  1. Navigate to System → Access Control → Access Requests
  2. Filter by Tenant Access Request Status = Pending
  3. Select a pending request to review details


Step 2: Review Request Details
  • Request User: Verify user email, name, and domain (Fuuz team vs. external)
  • Request Reason: Review business justification
  • Requested Access: Review tenant, existing access status, expiration dates, and requested role
  • Finalize Request Panel: Review what will happen upon approval


Step 3: Approve or Deny Request

To Approve:

  1. Click APPROVE REQUEST (green button)
  2. Confirm the approval in the dialog
  3. System creates/updates user record and grants access
  4. User receives email notification (password setup link for new users)


To Deny:
  1. Click REJECT REQUEST (red button)
  2. Enter required Rejection Reason with clear explanation
  3. Submit the denial
  4. User and App Admin receive email notification with rejection reason


Post-Approval Actions

For New Users:

  • Enterprise User record created
  • Email sent with password setup link (expires in 7 days)
  • User sets password and logs in
  • App Admin assigns additional roles if needed via App Users interface

For Existing Users:

  • App access added to existing Enterprise User record
  • Email notification sent
  • New app appears in user's app list after page refresh or next login
  • App Admin assigns additional roles if needed via App Users interface

4. Configuration Reference

Request Form Fields

Field Required Description
Requested For User Email Yes Email address of user needing access; can be new or existing user
Tenant Yes Pre-filled with requesting application; cannot be changed
Request Reason Yes Business justification; provide clear explanation for audit purposes
Role No Optional access type or role for automatic assignment upon approval

Automatic Settings

Setting Value Description
Request Expiration 5 days Pending requests automatically expire if not reviewed
Requested Access Days 90 days Default access duration before inactivity lockout
Password Setup Link 7 days Expiration for new user password setup email link

5. Best Practices

For Application Administrators

  • Provide Detailed Justifications: Clear, specific reasons help Enterprise Admins approve quickly and create proper audit trails
  • Use Role Pre-Assignment: Specify access type or role when creating requests to streamline provisioning
  • Track Multiple App Needs: Note in Request Reason if user needs access to multiple applications
  • Verify Email Addresses: Double-check email addresses to avoid delays from typos
  • Assign Additional Roles Promptly: After approval, immediately assign any additional roles needed via App Users interface

For Enterprise Administrators

  • Review Requests Daily: Check pending requests at least once per day to avoid expiration
  • Verify Business Need: Ensure Request Reason provides adequate justification before approving
  • Check for Existing Access: Review "Existing User Account" field to avoid duplicate access errors
  • Provide Clear Denial Reasons: Give specific explanations and guidance for resubmission
  • Monitor External Access: Pay special attention to requests for users with non-company email domains

Multi-Application Access

Organizations should document their preferred approach for users needing access to multiple applications:

  • Separate Request Per App: Required for organizations with strict audit trail requirements; provides individual justification for each app
  • Note in Request Reason: For less stringent requirements; App Admin indicates multiple apps needed; Enterprise Admin grants additional access directly

6. Troubleshooting

Problem Cause Solution
Error approving: "API key already exists" User already has access to application Deny request with explanation that user already has access; App Admin should check App Users screen. Known issue to be resolved in future release.
Request expired before review Not reviewed within 5-day window App Admin must submit new request; Enterprise Admins should review daily
User didn't receive password setup email Email filtered to spam; incorrect address; server issues Check spam folders; verify email in Enterprise Users; Enterprise Admin can resend or reset password
Password setup link expired User didn't set password within 7 days Enterprise Admin resets password and sends new setup instructions via Enterprise Users interface
Existing user doesn't see new app Page not refreshed; browser cache User refreshes browser page or logs out and back in
User has access but can't perform actions Role not assigned or insufficient permissions App Admin navigates to App Users and assigns appropriate roles with required permissions
  • Managing Enterprise Users: Complete guide for Enterprise Administrators on creating and managing user accounts
  • Managing App Users: Guide for Application Administrators on managing users within applications and assigning roles
  • Access Control Overview: Comprehensive overview of Fuuz access control model
  • Roles and Permissions: Detailed guide to configuring role-based access control
  • Access Types Explained: Deep dive into Administrator, Developer, Web Access, Gateway Access, and API Access types

8. Revision History


Version Date Editor Description
1.0 2025-12-28 Craig Scott Initial Release

    • Related Articles

    • Enterprise Admin Overview

      Article Type: Concept Audience: Enterprise Administrators, IT Management, Executive Sponsors Module: Enterprise Admin Applies to Versions: Fuuz 2024.1+ 1. Overview The Enterprise Admin interface represents the highest level of administrative control ...

    • Enterprise Users

      Managing Enterprise Users Article Type: Concept / How-To Audience: Enterprise Administrators Module: Enterprise Admin - Enterprise Users Applies to Versions: Fuuz 2024.1+ 1. Overview Enterprise Users are the foundational user records in the Fuuz ...

    • Authentication Events

      Authentication Events Article Type: Concept Audience: Enterprise Administrators Module: Enterprise Admin - Access Control Applies to Versions: All Versions 1. Overview The Authentication Events screen provides Enterprise Administrators with ...

    • Organizations

      Managing Organizations Article Type: Concept / How-To Audience: Enterprise Administrators Module: Enterprise Admin - Environment Structure Applies to Versions: Fuuz 2024.1+ 1. Overview Organizations are logical business units within your Fuuz ...

    • Access Types

      Understanding Access Types Article Type: Concept Audience: Enterprise Administrators, Application Administrators Module: Enterprise Admin - Access Control Applies to Versions: All Versions 1. Overview Access Types define the fundamental level of ...