Approval Requirements

Indent uses policies to determine who can request, who can review, and how access management is configured.

When an access request is submitted, Indent will check if there are any requirements based on that request and current policies. For example, someone on the engineering team needs to approve so Indent will message the #engineering channel for visibility, but require approval from a senior team-member.

Viewing configuration

1. Sign in to your Indent Space.
2. Go to Admin → Config in the sidebar.

Now, we'll go into a few examples of policy configuration ranging from basic to complex:

Basic: #access-requests

Probably the most common setup is to create an #access-requests channel that receives all the requests / notifications under a catch-all rule.

1. Import Slack channels into Indent by clicking "Pull from Integrations" on the Resources page.
2. Go to Admin → Config.
3. Click "Add Rule" button under "Catch All Rules".
4. Fill out the rule:
   • When someone requests access to... — Enter the kind of resource
   • Next require approval from... — Click "Add requirement"
     • Allow review from... — Select the reviewer(s) from the dropdown
     • By sending a notification to... — Select the channel from the dropdown
   • Optional: Webhook override — Select a different integration if not the default
5. Click "Save" to apply your changes.

Basic: individual reviewers

1. Go to Admin → Config.
2. Click "Add Rule" button.
3. Fill out the rule:
   • When someone requests access to... — Enter the kind of resource
   • Next require approval from... — Click "Add requirement"
     • Allow review from... — Select the reviewer(s) from the dropdown

       Note: if you select multiple reviewers, Indent will sequentially notify the reviewers based on the "Approver timeout" under "Advanced Settings"

   • Optional: Webhook override — Select a different integration if not the default
4. Click "Save" to apply your changes.

Complex: two-party approval

1. Go to Admin → Config.
2. Click "Add Rule" button.
3. Fill out the rule:
   • Name — Enter the name of the requirement, e.g. "Engineering"
   • When someone requests access to... — Enter the kind of resource
   • Next require approval from... — Click "Add requirement"
     • Allow review from... — Select the reviewer(s) from the dropdown
     • By sending a notification to... — Select the channel from the dropdown, e.g. #engineering
   • Click "Add requirement" and name the second party, e.g. "Security"
     • Needs — Type the name of the first requirement, e.g. "Engineering"
     • Allow review from... — Select the reviewer(s) from the dropdown
     • By sending a notification to... — Select the channel from the dropdown, e.g. #engineering
   • Optional: Webhook override — Select a different integration if not the default
4. Click "Save" to apply your changes.

Complex: manager approval

Indent's manager approval functionality works by using the managerId field on the user (populated by Okta) and resolves to a user that shares the oktaId label for the corresponding user. This requires Okta Users to have been pulled into Indent with the managerId field populated in order to work.

1. Go to Admin → Config.
2. Click "Add Rule" button.
3. Fill out the rule:
   • When someone requests access to... — Enter the kind of resource
   • Require approval from... — Toggle "User's manager" on
   • Optional: Webhook override — Select a different integration if not the default

Note: Indent recommends using group-based review instead of manager approval to avoid SPOF.

---

Looking for something?

• How to make an access request →
• How to add an integration →
• How to contact support →