Privileged Roles (e.g. LEA Administrator, LEA Data Auditor, LEA Help Desk, LEA Student Help Desk, School Help Desk, and/or School Student Help Desk) can be revoked in either of two ways:
1. The user with the elevated privilege can self-revoke a role by using the same workflow process they used to originally request the role.
For example, after logging into the IAM Service:
- Click Requests (from the Applications drop down)
- My Entitlements (along the left side)
- Uncheck the role to be revoked
- Click the Request button at the bottom of the screen
The privileged role would be revoked immediately.
2. LEA Administrators at the PSU may request role removal by opening a Sales Force ticket with Identity Automation by:
- Clicking on the Support Community for Identity Automation icon in Applications
- Going to the Customer Support Community: https://identityautomation.force.com/support/s or
- By sending Email: email@example.com
NOTE: While an LEA Administrator doesn't have the ability to *directly* remove another employee's elevated privileges, an LEA Administrator *does* have the ability to immediately disable an account if needed. That process is described in the Training Videos (see the Applications tab -> Training -> LEA Administrator Training -> "How do I disable someone's account?")