⏰Just-in-time access
Set up ephemeral, on-demand access to production resources. Requests are approved, provisioned, and automatically revoked within minutes using P0 Security.
Just-in-time (JIT) access allows your organization's users to gain ephemeral access to individual production resources on demand, replacing standing access. Access is requested, approved, provisioned, and automatically revoked — all within minutes.
New to P0? Start with the Getting started with just-in-time access guide to set up your first integration and make your first access request in about 15 minutes.
How it works
A user requests access to a specific resource (via Slack, the P0 web app, or the P0 CLI).
P0 routes the request to the appropriate approver based on your organization's policies.
An approver reviews and approves (or denies) the request.
P0 provisions access automatically and notifies the requester.
Access expires after the approved duration, or the requester relinquishes it early.
Request access
Learn how to create, track, and manage access requests:
Requesting access — Create access requests via Slack or the P0 web app, discuss with approvers, and manage active sessions.
Request on behalf of another user — Submit access requests for a colleague or service account.
Web request modal — Use the P0 web app to request access directly from your browser.
You can also request access using the P0 CLI. See p0 request, p0 aws role assume, and p0 ssh for command-line workflows.
Approve access
Configure approval policies and review incoming requests:
Approving access — Configure approvers, review requests, and manage approval workflows.
Pre-approving access — Set up standing approvals so that specific users or groups receive access automatically.
P0 Allow modal, CLI, and UI — Grant pre-approved access through the web app or CLI.
Configure access policies
Control who can request what, and who approves:
Access policies — Define policies that route requests to specific approvers based on the requester, resource, and access type.
Monitor and audit
Session recording — View detailed activity logs for privileged sessions to answer questions about what happened during access.
Automate with the API
Just-in-time API — Programmatically manage access workflows, including the Command API, Access Requests API, and Access Policies API.
Last updated