Set up ephemeral, on-demand access to production resources. Requests are approved, provisioned, and automatically revoked within minutes using P0 Security.
Just-in-time (JIT) access allows your organization's users to gain ephemeral access to individual production resources on demand, replacing standing access. Access is requested, approved, provisioned, and automatically revoked — all within minutes.
New to P0?
Developers requesting access: Start with the request access quickstart to submit your first request in minutes.
Administrators setting up P0: Start with the Getting started with just-in-time access guide to configure integrations and approval workflows.
A user requests access to a specific resource (via Slack, the P0 web app, or the P0 CLI).
P0 routes the request to the appropriate approver based on your organization's policies.
An approver reviews and approves (or denies) the request.
P0 provisions access automatically and notifies the requester.
Access expires after the approved duration, or the requester relinquishes it early.
Learn how to create, track, and manage access requests:
Requesting access — Create access requests via Slack or the P0 web app, discuss with approvers, and manage active sessions.
Request on behalf of another user — Submit access requests for a colleague or service account.
Web request modal — Use the P0 web app to request access directly from your browser.
You can also request access using the P0 CLI. See p0 request, p0 aws role assume, and p0 ssh for command-line workflows.
Configure approval policies and review incoming requests:
Approving access — Configure approvers, review requests, and manage approval workflows.
Pre-approving access — Set up standing approvals so that specific users or groups receive access automatically.
P0 Allow modal, CLI, and UI — Grant pre-approved access through the web app or CLI.
Control who can request what, and who approves:
Access policies — Define policies that route requests to specific approvers based on the requester, resource, and access type.
Session recording — View detailed activity logs for privileged sessions to answer questions about what happened during access.
Just-in-time API — Programmatically manage access workflows, including the Command API, Access Requests API, and Access Policies API.
Last updated
