Microsoft Identity Manager 2016 SP1 Portal (4.4.1459.0 or Later) - Approval Justification Entry Enhancement


Hello folks, David Steadman Here !!

Today with the release of the Microsoft Identity Manager SP1 March 2017 Hotfix 4.4.1459.0, We released a enhancement that we have heard and also I have personally dealt with in the field that the Requestor or Approver has no means to provide Justification upon creating the request or Approving/Rejecting pending request

The Justification attribute cannot be configured as a required attribute in this initial release.  This additional functionality’s being considered for a future version of the product.    Also if using with email notification you can only use Approval / Denied Template Type


  1. On Portal Configuration Page Enable Justification UI (Administration—>Portal Configuration –> Extended Attributes) Check the Enable Justification UI Boolean. Then perform IIS reset
  2. After that new text area is displayed on membership request dialogs:
    • Justification is added to new attribute in System Schema — [Request/Justification]
    • RCDC update to Create request has a new Itemimage
    • When Joining a Group Request
  3. Now Justification visible upon viewing the request by Approver, RCDC for Request View has to be edited to include [Request/Justification] attribute. More on RCDC can be found hereimage
  4. When Group Owner Approves provides justification on approval or Deny
    • 2017-03-29_7-50-32
    • Then Approval response is then inserted into the Approval object Reason
      • 2017-03-29_7-52-58
  5. To include Justification to email templates, Update the template by using the [//Request/Justification] and [//WorkflowData/Reason] parameters.

We hope you enjoy this enhancement!!