# Just-in-time access Just-in-time (JIT) access allows your organization's users to gain ephemeral access to individual production resources on demand, replacing standing access. Access is requested, approved, provisioned, and automatically revoked — all within minutes. {% hint style="info" %} New to P0? Start with the [Getting started with just-in-time access](https://docs.p0.dev/getting-started/getting-started-with-just-in-time-access) guide to set up your first integration and make your first access request in about 15 minutes. {% endhint %} ## How it works 1. A user **requests** access to a specific resource (via Slack, the P0 web app, or the [P0 CLI](https://docs.p0.dev/p0-cli/p0-commands-and-usage/p0-request)). 2. P0 **routes** the request to the appropriate approver based on your organization's policies. 3. An approver **reviews and approves** (or denies) the request. 4. P0 **provisions** access automatically and notifies the requester. 5. Access **expires** after the approved duration, or the requester relinquishes it early. ## Request access Learn how to create, track, and manage access requests: * [Requesting access](https://docs.p0.dev/orchestration/just-in-time-access/requesting-access) — Create access requests via Slack or the P0 web app, discuss with approvers, and manage active sessions. * [Request on behalf of another user](https://docs.p0.dev/orchestration/just-in-time-access/requesting-access/for-another-party) — Submit access requests for a colleague or service account. * [Web request modal](https://docs.p0.dev/orchestration/just-in-time-access/requesting-access/web-request-modal) — Use the P0 web app to request access directly from your browser. You can also request access using the P0 CLI. See [`p0 request`](https://docs.p0.dev/p0-cli/p0-commands-and-usage/p0-request), [`p0 aws role assume`](https://docs.p0.dev/p0-cli/p0-commands-and-usage/p0-aws-role-assume), and [`p0 ssh`](https://docs.p0.dev/p0-cli/p0-commands-and-usage/p0-ssh) for command-line workflows. ## Approve access Configure approval policies and review incoming requests: * [Approving access](https://docs.p0.dev/orchestration/just-in-time-access/approving-access) — Configure approvers, review requests, and manage approval workflows. * [Pre-approving access](https://docs.p0.dev/orchestration/just-in-time-access/approving-access/pre-approving-access) — Set up standing approvals so that specific users or groups receive access automatically. * [P0 Allow modal, CLI, and UI](https://docs.p0.dev/orchestration/just-in-time-access/approving-access/p0-allow-workflows) — Grant pre-approved access through the web app or CLI. ## Configure request routing Control who can request what, and who approves: * [Request routing](https://docs.p0.dev/orchestration/just-in-time-access/request-routing) — Define rules that route requests to specific approvers based on the requester, resource, and access type. * [Google Cloud filtering](https://docs.p0.dev/orchestration/just-in-time-access/request-routing/google-cloud-filtering) * [AWS filtering](https://docs.p0.dev/orchestration/just-in-time-access/request-routing/aws-filtering) * [Microsoft Azure filtering](https://docs.p0.dev/orchestration/just-in-time-access/request-routing/microsoft-azure-filtering) * [SSH filtering](https://docs.p0.dev/orchestration/just-in-time-access/request-routing/ssh-filtering) ## Monitor and audit * [Session recording](https://docs.p0.dev/orchestration/just-in-time-access/session-recording) — View detailed activity logs for privileged sessions to answer questions about what happened during access. ## Automate with the API * [Just-in-time API](https://docs.p0.dev/orchestration/just-in-time-access/just-in-time-api) — Programmatically manage access workflows, including the [Command API](https://docs.p0.dev/orchestration/just-in-time-access/just-in-time-api/command-api), [Access Requests API](https://docs.p0.dev/orchestration/just-in-time-access/just-in-time-api/access-requests-api), and [Routing Rules API](https://docs.p0.dev/orchestration/just-in-time-access/just-in-time-api/routing-rules-api). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.p0.dev/orchestration/just-in-time-access.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.