This Torq workflow template provides an automated process for granting just-in-time (JIT) access to group memberships via Entra ID upon receiving a Slack command. The workflow ensures secure identity and access management by verifying the user's current group memberships, determining eligibility for JIT access, and seeking approval through a designated Slack channel. Once access is approved, the workflow temporarily adds the user to the specified group and, after the agreed duration, revokes the access, maintaining stringent access control compliance.
Trigger
Slack
Use Cases
Identity and Access Management
Workflow Breakdown
Receive a Slack command to trigger a temporary access request
Pull groups that the user has access to and compare to JIT groups setup in the variable
Ask user which group they would like access to and for how long
Send access approval request to a Slack channel of approvers with details
If access is approved, add user to the group in Entra ID, wait and then remove the user from the group
If access is rejected or request times out, notify user about verdict
Vendors
Slack, Utils, Microsoft Azure AD, Microsoft 365
Tips
Configure the Slack channel and Entra ID groups in the "Workflow Context" variable step.
Pick a Slack command to use, this example uses JIT-Request to call the workflow in Slack.