Delegation of access reviews and approvals are in Public Preview

Patrik Jonsson
Patrik Jonsson
patrik@idguys.tech
August 30, 2025 ~3 min read 402 words
ID GovernanceEntitlement ManagementAccess Reviews

Entitlement Management has a distinct separation of being an approver or access reviewer, and being able to manage who holds those roles. If you are an approver or reviewer and need to delegate it to other people, temporary or on a permanent basis, you have been dependent on contacting someone with an administrative role for each of the access package catalogs your access packages is placed in.

Microsoft has enabled a preview feature that can solve this a bit easier, but make sure you realize what this means before you enable it.

Enabling preview features in Entitlement Management

In the Entra portal, click on ID Governance > Entitlement management. In the left navigation bar, click on Preview features under the headline Entitlement management.

This will show you current preview features and their status.

Click on Allow users to delegate approvals and access reviews in My Access.

Check the box next to I understand the implications of this setting and click Save.

Make sure to click Save on the overview page as well.

Enable delegation

Image not found: /api/images/oof-enable.png

What does this feature do?

First of all, remember that this setting is tenant wide. It is immediately enabled for all users that are assigned as a reviewer or approver.

It is easy to identity that the setting is enabled, just go to https://myaccess.microsoft.com and compare the look before and after enabling it.

Before

My Access before enabling the preview feature

Image not found: /api/images/oof-before.png

After

My Access after enabling the preview feature

Image not found: /api/images/oof1.png

Any user can now delegate approvals and access reviews to others for a specific time. It is even possible to not set an end time at all for this delegation.

Configure individual delegation

Image not found: /api/images/oof2.png

It is important to remember that this delegates all your access reviews and approvals, to the same persons, so be careful with how this is used.

You will still receive mails for both requests and reviews, and have the option to act on them during the time delegation is enabled.

NOTE
This should not be used to delegate the configuration of reviewers and approvers on a permanent basis, but as an Out of Office-like management of the responsibilites.

If you are no longer assigned as a reviewer or approver on an Access Package, the delegation will end without you necessarily knowing about it.

Using this as a permanent delegation method also makes it difficult do identify who is actually assigned as reviewer or approver.

Comments

No comments yet. Be the first to share your thoughts!

Share
Twitter
Bluesky
LinkedIn
Related Topics
ID GovernanceEntitlement ManagementAccess Reviews
View All Tags