This KB article introduces a workflow template for automating the elevation of user privileges within JumpCloud systems via a Slack slash command. The workflow ensures secure identity management by validating Slack tokens, confirming user identity, and enabling temporary admin rights on specified systems. It adds an extra layer of security by sending and validating a one-time token to the user's alternate email. Admin rights are auto-revoked once the specified duration ends, and both the user and admin are notified throughout the process.
Trigger
Slack Slash Commands
Optional Triggers
"Microsoft Teams"
Use Cases
Identity and Access Management , Security Bots
Workflow Breakdown
Send a message to the user and the admin user or channel and reply inside of the thread for all communications
Validate the Slack Application Token, Slack Team, and user in JumpCloud
Send and validate a random token to the users alternate email
Find the systems the user is associated with and ask the user which system elevation is needed on and for how long
Enable the user for elevation on the system
Wait for the time to expire and remove the ability to elevate permissions
Send a message to the user and the admin user or channel on the elevation being revoked
Vendors
Slack, Utils, Email, JumpCloud
Workflow Output
All output via Slack to the user or admin user/channel on success of any failure
Tips
Make sure to setup the JumpCloud API token in the JumpCloud http steps as required