PIM: Mandatory justification when approving requests

Pentti Nakari 25 Reputation points
2024-03-29T06:47:35.4+00:00

In PIM, whatever Activation & Assignment settings I put in the role, when approving the role, I will always have to enter justification.

Is the justification mandatory when approving a role? I couldn't find anything about that in Microsoft Learn.

If there's a way to not change this to not require justification, let me know.

User's image

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,299 questions
0 comments No comments
{count} votes

Accepted answer
  1. Navya 3,515 Reputation points Microsoft Vendor
    2024-04-02T10:08:21.91+00:00

    Hi @Pentti Nakari

    Thank you for posting this in Microsoft Q&A.

    I understand you are asking if it's mandatory to enter justification when approving a role in PIM (Privileged Identity Management) in Microsoft Azure.

    Is the justification mandatory when approving a role? If there's a way to not change this to not require justification.

    Yes, it is mandatory when approving a PIM role. Unfortunately, there is no way to change justification.

    Hope this helps. Do let us know if you any further queries.

    Thanks,

    Navya.

    If the answer is helpful, please click "Accept Answer" and kindly "upvote" it.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Martin Therkelsen 1,405 Reputation points MVP
    2024-03-29T10:04:37.4066667+00:00

    Hi Pentti,

    It is possible to remove it, but I do not recommend it. The justification encourages users to think about why they are asking for permission and not just enable it, which can save them a few minutes later if needed. It is done in PIM management: Microsoft Entra Roles—Select Role—Edit Role. Then, you have the option shown below.

    User's image