Application Access Request.

Question

Application Access Request.

Reyes Sanchez, Alejandro (A.) 0

My team and I are looking for a way to activate self-service so that we can manage user requests. Do you know how to activate it?

VEMULA SRISAI 12,365 Reputation points Microsoft External Staff Moderator

2026-03-13T09:34:29.4566667+00:00
Hello Reyes Sanchez, Alejandro (A.),

You can enable self‑service application access requests directly in Microsoft Entra ID for the required application.

Steps to enable it:

Sign in to the Microsoft Entra admin center with Cloud Application Administrator or Application Administrator role.

Go to Entra ID → Enterprise applications → All applications and select the application.

Open Self-service from the left menu.

Set “Allow users to request access to this application?” to Yes.

Select the target group, optionally configure approvers, and Save.

Once enabled, users can request access from the My Apps portal and approvers can manage the requests. A Microsoft Entra ID P1 or P2 license is required.
VEMULA SRISAI 12,365 Reputation points Microsoft External Staff Moderator

2026-03-17T10:31:43.8633333+00:00

Reyes Sanchez, Alejandro (A.) could you please check my previous response and let me know if you need any additional informarion,

1 answer

Your answer

VEMULA SRISAI 12,365 Reputation points Microsoft External Staff Moderator

2026-03-13T09:34:29.4566667+00:00

Hello Reyes Sanchez, Alejandro (A.),

You can enable self‑service application access requests directly in Microsoft Entra ID for the required application.

Steps to enable it:

Sign in to the Microsoft Entra admin center with Cloud Application Administrator or Application Administrator role.

Go to Entra ID → Enterprise applications → All applications and select the application.

Open Self-service from the left menu.

Set “Allow users to request access to this application?” to Yes.

Select the target group, optionally configure approvers, and Save.

Once enabled, users can request access from the My Apps portal and approvers can manage the requests. A Microsoft Entra ID P1 or P2 license is required.
VEMULA SRISAI 12,365 Reputation points Microsoft External Staff Moderator

2026-03-17T10:31:43.8633333+00:00

Reyes Sanchez, Alejandro (A.) could you please check my previous response and let me know if you need any additional informarion,

Answer 1

To activate self-service so users can request access to applications and you can manage those requests, enable Self-service application access on each relevant enterprise application in Microsoft Entra ID.

Follow these steps for each app:

Sign in to the Microsoft Entra admin center with a Cloud Application Administrator or Application Administrator role.
Go to Entra ID > Enterprise apps > All applications.
Search for and select the application you want to enable for self-service.
In the left navigation, select Self-service.
Set Allow users to request access to this application? to Yes.
Next to To which group should assigned users be added?, select Select group, choose a (cloud) group, and select Select.
- When a request is approved, users are added to this group. (On-premises–synced groups aren’t supported here.)
(Optional) To require business approval, set Require approval before granting access to this application? to Yes.
(Optional) Next to Who is allowed to approve access to this application?, select Select approvers and choose up to 10 individual approvers.
(Optional) If the app exposes roles, next to To which role should users be assigned in this application?, select Select Role, choose the role, and select Select.
Select Save at the top of the pane.

Prerequisites:

A Microsoft Entra user account.
Role: Cloud Application Administrator or Application Administrator.
Users and approvers must have Microsoft Entra ID P1 or P2 licenses to request and approve self-service app access.

After configuration, users go to the My Apps portal and select Request new apps to discover and request enabled applications. Approvers see and act on requests in their My Apps portal, and you can track access via the configured group.

References:

Share via

Application Access Request.

1 answer

Your answer