This workflow template allows users to request temporary, just-in-time access to specific Azure AD groups via a Slack command. With built-in approval mechanisms, the request is reviewed in a designated Slack channel, and, if approved, the user is temporarily added to the Azure AD group. Access is automatically revoked after the specified time, ensuring secure and compliant identity and access management.
Trigger
Slack
Use Cases
Identity and Access Management
Workflow Breakdown
Receive a Slack command to trigger a temporary access request
Pull groups that the user has access to and compare to JIT groups setup in the variable
Ask user which group they would like access to and for how long
Send access approval request to a Slack channel of approvers with details
If access is approved, add user to the group in Azure AD, wait and then remove the user from the group
If access is rejected or request times out, notify user about verdict
Vendors
Slack, Utils, Microsoft Azure AD, Microsoft 365
Tips
Configure the Slack channel and Azure AD groups in the \"Workflow Context\" variable step.","Pick a Slack command to use, this example uses JIT-Request to call the workflow in Slack