Allow approval only for specific users in specific roles
We would like to enable approval for specific users in specific roles only. This way some people are exempt from approval, but others will have to request approval anyhow. Right now this is role based, but for example we have a few Global Administrators who need to be able to activate without approval, and some we would like to request approval.
If you could assign security groups to roles and define different PIM requirements to JIT into these security groups, would it solve this?
Peter Selch Dahl commented
It seems to be the same suggestion as this one: