Sign up for FreeKnowledge Base

Just-in-time settings API

The JIT Access Settings API allows organizations to define how long temporary access should lastβ€”and under what conditions. Admins can configure standing and maximum access durations, create custom expiry presets, and enforce approval policies like requiring justifications or second-party approval. This makes it easy to align access privileges with least-privilege principles and audit requirements, without slowing teams down.

Add a custom expiry duration

post
Authorizations
Body
timenumberRequired
unitstring Β· enumRequiredPossible values:
Responses
204
Custom expiry added
post
POST /o/demo-org/settings/expiry-options HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Content-Type: application/json
Accept: */*
Content-Length: 21

{
  "time": 2,
  "unit": "h"
}
No content

Remove a custom expiry duration

delete
Authorizations
Path parameters
keystringRequired
Responses
204
Custom expiry removed
delete
DELETE /o/demo-org/settings/expiry-options/{key} HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Accept: */*

No content

Reset custom expiry durations

post
Authorizations
Responses
200
Reset expiry options
application/json
post
POST /o/demo-org/settings/expiry-options/_reset HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Accept: */*

{
  "options": [
    {
      "time": 5,
      "unit": "m",
      "value": "5 minutes"
    },
    {
      "time": 1,
      "unit": "h",
      "value": "1 hour"
    },
    {
      "time": 24,
      "unit": "h",
      "value": "1 day"
    },
    {
      "time": 168,
      "unit": "h",
      "value": "1 week"
    },
    {
      "time": 720,
      "unit": "h",
      "value": "30 days"
    }
  ]
}

Update approval settings

put
Authorizations
Body
allowOnePartybooleanOptional
requireReasonbooleanOptional
Responses
204
Settings updated
put
PUT /o/demo-org/settings/default-approvals HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Content-Type: application/json
Accept: */*
Content-Length: 43

{
  "allowOneParty": true,
  "requireReason": true
}
No content

Set custom standing access duration

put
Authorizations
Body
timenumberRequired
unitstring Β· enumRequiredPossible values:
Responses
200
Standing access configured
application/json
put
PUT /o/demo-org/settings/standing-access-duration HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Content-Type: application/json
Accept: */*
Content-Length: 21

{
  "time": 2,
  "unit": "h"
}
{
  "ok": true,
  "standingAccessDuration": {
    "time": 2,
    "unit": "h",
    "value": "2 hours"
  }
}

Set custom maximum access duration

put
Authorizations
Body
timenumberRequired
unitstring Β· enumRequiredPossible values:
Responses
200
Max access configured
application/json
put
PUT /o/demo-org/settings/max-access-duration HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Content-Type: application/json
Accept: */*
Content-Length: 21

{
  "time": 2,
  "unit": "h"
}
{
  "ok": true,
  "maxAccessDuration": {
    "time": 2,
    "unit": "h",
    "value": "2 hours"
  }
}
PreviousRole Management API

Last updated