---
title: "Access Builder Settings"
slug: "access-builder-settings"
updated: 2026-04-24T04:41:23Z
published: 2026-04-24T04:41:23Z
canonical: "docs.britive.com/access-builder-settings"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://docs.britive.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Access Builder Settings

Important

The Access Builder feature is enabled only on request. Please reach out to your customer success point of contact to enable this.

The Britive Access builder helps users request access to existing Britive profiles, reducing overhead on administrators who create and manage Britive profiles. This feature also lets users create their own profiles with available permissions. Administrators control which applications and permissions are available for users to request access to and which users/tags can request access to which applications. Approvals can be configured so that profile access requests are reviewed by various stakeholders before any profile access is granted to requesters.

Access Builder also supports requesting access to tags instead of individual profiles. Tags are associated with profiles, resource profiles, or secrets.

There are multiple ways to request access to profiles:

- Users can request access to the existing profiles and associated policies. In this case, the profiles and policies are already created by an administrator.
- Users can create new profiles using existing roles and permissions in the target environment and then request access to those profiles.
- Users can request access to tags, which are associated with profiles, resource profiles, or secrets.

## **Access Builder Settings (Admin configuration)**

The administrator needs to make the following configuration so that users can request access to the profiles of a particular application.

1. Log in to Britive with administrator privileges.
2. There are two ways to configure Access Builder settings:
  1. From applications:
    1. Click on **System admin** -> **Tenant Applications.**
    2. Click on the application and select **Access Builder Settings** from the navigation menu.
    3. Check **Allow Access Builder** to enable the Access Builder feature. This can be enabled only if the **Association Approvers** and **Notifications**settings are completed.
    4. **Manager Approval Settings**: Select Manager Approval if you want the requester's manager and/or approvers to approve/reject Access Builder requests. You can select one of the following:
      - **Manager OR Approvers**: The manager or the approvers approve/reject the request.
      - **Manager AND Owner**: The manager and approvers must approve/reject the request.
      - **Manager Only**: Only the requester's manager can approve/reject the request, and any association approvers assigned are not part of the approval flow.
    5. **Association Approvers (Only applicable for tenant applications):**This is a mandatory configuration.****Define a combination of an association and an approver group**.**
      1. Click on **Add Approver Group**to add a group of approvers for profile requests generated under the app. The members of the approver group approve the profile request.
      2. Enter the **Name** of the approver group.
      3. Select the **Approval Condition**:
        1. **All members**: All members of the approver group must approve the request so that the user can check out the profile for access.
        2. **Any member**: Any member of the approver group can approve the request.
          1. Click **Select Users** to add individual users to the approver group.
          2. Click **Select Tags**to add tags to the approver group.
      4. Click **Save**.
      5. Edit, delete, or view members from the list of approver groups. An approver group can not be deleted if it is mapped to one or more associations.
    6. Click on **Add Assignment**to configure associations. You must add at least one approver group to add an assignment.
      1. Enter the **Name** of the association.
      2. Check the environments from the **Associations** section, which users can request access to. All the profiles associated with this environment are available for access requests.
      3. Click on **Select Approver Groups** to select approver groups for this assignment.
    7. **Approval Timeout:**This is a mandatory configuration. Specify the time for approval from the approver group. The access request is not valid if it is not approved within this timeout.
    8. **Maximum allowed profile expiration timeout:**This is a mandatory configuration. This is the maximum allowed value for the **Expiration Timeout**when creating a profile.****
    9. **Notifications**: This is a mandatory configuration. Configure to send the notification to the approvers when a profile access/creation request is submitted.
      1. Click **Add Notification** to add a new notification medium.
      2. Select a notification medium from the dropdown list of notifications and click **Add**.
    10. **Requesters (Applicable only for applications):**This is an optional configuration. Configure which users can request access. All users can request access to profiles if this configuration is not specified.
      1. Click **Select Users** and/or **Select Tags** to configure the list of requesters.
      2. Select **Include** or **Exclude** to either include or exclude a particular user/tag from requesting access.
  2. From tags:
    1. Click on **System admin** -> **Identity Management**
    2. Click on **Tags -> Access Builder Settings**.
    3. Click Edit to configure or update Access Builder settings.
    4. Check **Allow Access Builder** to enable the Access Builder feature. This can be enabled only if the **Approval Timeout** and **Notifications** settings are completed.
    5. **Manager Approval Settings**: Select Manager Approval if you want the requester's manager and/or tag owners to approve/reject Access Builder requests. You can select one of the following:
      - **Manager OR Owner**: The manager or the tag owners approve/reject the request.
      - **Manager AND Owner**: The manager and tag owners must approve/reject the request.
      - **Manager Only**: Only the requester's manager can approve/reject the request.
    6. **Approval Timeout**: This is a mandatory configuration. Specify the time for approval from the approver group. The access request is not valid if it is not approved within this timeout.
    7. **Notifications**: This is a mandatory configuration. Configure it to send the notification to the tag owners, managers, and requesters when a tag access request is submitted.
      1. Click **Add Notification** to add a new notification medium.
      2. Select a notification medium from the dropdown list of notifications and click **Add**.
3. Click **Save**.