You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/governance/create-access-review.md
+16-2Lines changed: 16 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -11,7 +11,7 @@ ms.tgt_pltfrm: na
11
11
ms.devlang: na
12
12
ms.topic: conceptual
13
13
ms.subservice: compliance
14
-
ms.date: 05/21/2019
14
+
ms.date: 02/06/2020
15
15
ms.author: ajburnle
16
16
ms.reviewer: mwahl
17
17
ms.collection: M365-identity-device-management
@@ -88,7 +88,7 @@ For more information, see [License requirements](access-reviews-overview.md#lice
88
88
89
89
90
90
91
-
1. If you want to automatically remove access for users that were denied, set **Auto apply results to resource** to **Enable**. If you want to manually apply the results when the review completes, set the switch to **Disable**.
91
+
1. If you want to automatically remove, access for users that were denied, set **Auto apply results to resource** to **Enable**. If you want to manually apply the results when the review completes, set the switch to **Disable**.
92
92
93
93
1. Use the **Should reviewer not respond** list to specify what happens for users that are not reviewed by the reviewer within the review period. This setting does not impact users who have been reviewed by the reviewers manually. If the final reviewer's decision is Deny, then the user's access will be removed.
94
94
@@ -123,6 +123,20 @@ By default, Azure AD sends an email to reviewers shortly after the review starts
123
123
124
124
If you have assigned guests as reviewers and they have not accepted the invite, they will not receive an email from access reviews because they must first accept the invite prior to reviewing.
125
125
126
+
## Access review status table
127
+
128
+
| Status | Definition |
129
+
|--------|------------|
130
+
|NotStarted | Review was created, user discovery is waiting to start. |
131
+
|Initializing | User discovery is in progress to identify all users that are part of the review. |
132
+
|Starting | Review is starting. If email notifications are enabled, emails are being sent to reviewers. |
133
+
|InProgress | Review has started. If email notifications are enabled emails have been sent to reviewers. Reviewers can submit decisions until the due date. |
134
+
|Completing | Review is being completed and emails are being sent to the review owner. |
135
+
|AutoReviewing | Review is in a system reviewing stage. The system is recording decisions for users who were not reviewed based on recommendations or pre-configured decisions. |
136
+
|AutoReviewed | Decisions have been recorded by the system for all users who were not reviewed. Review is ready to proceed to **Applying** if Auto-Apply is enabled. |
137
+
|Applying | There will be no change in access for users who were approved. |
138
+
|Applied | Denied users, if any, have been removed from the resource or directory. |
139
+
126
140
## Create reviews via APIs
127
141
128
142
You can also create access reviews using APIs. What you do to manage access reviews of groups and application users in the Azure portal can also be done using Microsoft Graph APIs. For more information, see the [Azure AD access reviews API reference](https://docs.microsoft.com/graph/api/resources/accessreviews-root?view=graph-rest-beta). For a code sample, see [Example of retrieving Azure AD access reviews via Microsoft Graph](https://techcommunity.microsoft.com/t5/Azure-Active-Directory/Example-of-retrieving-Azure-AD-access-reviews-via-Microsoft/m-p/236096).
0 commit comments