This Torq workflow template enables businesses to streamline temporary access requests for their employees through a Slack-triggered workflow. Users can request Just-In-Time (JIT) access to specific groups within Active Directory. The workflow reviews user group memberships, obtains access approval through a designated Slack approval channel, and then grants temporary group access in Azure AD accordingly. Access is automatically revoked after an approved duration, ensuring optimal security and compliance.
Trigger
Slack
Use Cases
Identity and Access Management
Workflow Breakdown
Receive a Slack command to trigger a temporary access request
Pull groups that the user has access to and compare to JIT groups setup in the variable
Ask user which group they would like access to and for how long
Send access approval request to a Slack channel of approvers with details
If access is approved, add user to the group in Azure AD, wait and then remove the user from the group
If access is rejected or the request times out, notify the user about verdict
Vendors
Slack, Utils, Microsoft Active Directory
Workflow Output
Temporary group membership in Active Directory
Tips
If required, setup a Torq step runner to access an internal Active Directory server