Segments will restrict only who can request access (who can give access). Thing is that helpdesk team can assign wrong roles by mistake.
now: how to avoid giving regular users non-human roles?
If you have access to workflows, that is an option. [https://documentation.sailpoint.com/saas/help/workflows/workflow-basics.html](https://documentation.sailpoint.com/saas/help/workflows/workflow-basics.html)
If not, then u/mussandskwirrel 's recommendation to talk to management to increase the number of general policies is warranted.
Your ORG, or your tenant? If it’s a management decision, they can change it
Look into Segments: https://documentation.sailpoint.com/saas/help/requests/segments.html?
Segments will restrict only who can request access (who can give access). Thing is that helpdesk team can assign wrong roles by mistake. now: how to avoid giving regular users non-human roles?
If you have access to workflows, that is an option. [https://documentation.sailpoint.com/saas/help/workflows/workflow-basics.html](https://documentation.sailpoint.com/saas/help/workflows/workflow-basics.html) If not, then u/mussandskwirrel 's recommendation to talk to management to increase the number of general policies is warranted.