Helping employees help themselves


Forgotten passwords, unlocking accounts, ordering permissions – a flood of recurring, simple tasks arrives at the Helpdesk. In order to relieve the helpdesk and administration as well as to shorten waiting times for the user, these can be automated with a user self-service. An employee can trigger the unblocking of the account via simply designed web pages instead of contacting support.


If they have forgotten his password, they can have a new one sent to them online using this procedure – online, 24 hours a day, 7 days a week and without support from the helpdesk.


If a user needs access to an application or an authorization within an application, they simply order it via a user self web shop like from a catalogue. This triggers a defined process, which, for example, contains various approvals. In addition, it is possible for the user to get an overview of what is currently happening with their order (tracking) and if there are difficulties, where their request is escalated.

Benefits of user self-service

  • Direct access to IT resources via the web shop offers greater user convenience.
  • The mapping of the IT portfolio saves the business department from having to enquire and the helpdesk is relieved because there is no need to explain the IT equipment and to enquire about order requests.
  • The status of a process can be called up at any time and all work steps are documented.
  • Processes are revised, standardized and often optimized.
  • Speed increases with costs decreasing: Incorrectly executed processes are immediately corrected in an escalation loop. The control of release via workflows also shortens transport and wait times.

Obstacles of user self-service

  • If the IT-specific descriptions of accounts and authorizations are adopted in the Web Shop, this results in massive incorrect orders and/or inquiries to support for the purpose of translating the “IT gibberish”. The user self-service fails due to a lack of acceptance.
  • Catalogues quickly become too large because, for example, a selection has to be offered for 15 systems with 1000 authorisations each. Extensive experience is required to master the mass and complexity and to reduce it for the user.
  • The user self service for authorizations is mostly independent of the user self service for software, the user self service for hardware, the user interface for incidents, and so on. There is the danger of overloading the user with tools.
  • Non-IDM web shops do not support cancellation of permissions, although this is necessary for security reasons. Whoever uses a web shop therefore needs a separate solution for revocations.
  • Many user self-service web shops are not compatible with the IDM systems used.
  • Often in a user self service web shop everything is visible for every customer. However, it makes little sense that the janitor can order the authorizations of board members.
  • Web shops do not support automatic provisioning; an IDM system is required in addition.


A user self-service is no substitute for Identity Management, it merely complements the IDM’s user life cycle management.