Skip to main content

Configure Eligibility for Computers

Eligibility rules control who can discover and request access to computers published in the IAM Shop. Users must be added as eligible assignees to see and request access to specific computers.

Eligibility Types

When configuring eligibility, you can assign one of the following types:

  • Eligible – Users can discover and request access to the computer; requests require approval
  • PreApproved – Users can discover the computer and receive automatic approval for access requests
  • Suggested – The computer appears as a suggested resource for users

Prerequisites

To configure eligibility for computers:

  • The computer must be published to the IAM Shop (configured during onboarding or through computer settings)
  • You need appropriate Management Roles for computer administration

Configure Eligibility for a Computer

  1. On the navbar, expand Privileged Access and select Computers.

  2. On the Computers tab, search for the target computer.

  3. Click the Display Name link for the computer.

    The View One page for the computer opens.

  4. Click the Eligibility subtab.

    Two eligibility accordions are available:

    • Who is Eligible to Request (As Resource) – Specify who is eligible to request access and their eligibility type
    • Who is Excluded from Requesting (As Resource) – Explicitly exclude users from requesting access

  5. Expand the Who is Eligible to Request (As Resource) accordion.

  6. Click the Add button in the grid header.

  7. In the Assignment Information pane, configure the following:

    • Eligibility Type – Select Eligible, PreApproved, or Suggested
    • Which Type of Assignee for this Policy – Select the EmpowerID actor type (Person, Group, Business Role, Location, etc.)
    • Select Name to Search – Search for and select the specific assignee
    note

    The assignee must match the selected assignee type. For example, if you select Group as the assignee type, only groups will appear in the search results.

  8. Click Save.

  9. Repeat steps 6-8 to add additional eligibility assignments.

  10. Click Submit when finished.

Results

After submitting:

  • Users granted eligibility can discover the computer in the IAM Shop
  • Eligible users can request access according to their eligibility type
  • PreApproved users receive automatic approval for access requests
  • Excluded users cannot discover or request access to the computer