Just-in-time settings API

The JIT Access Settings API allows organizations to define how long temporary access should last—and under what conditions. Admins can configure standing and maximum access durations, create custom expiry presets, and enforce approval policies like requiring justifications or second-party approval. This makes it easy to align access privileges with least-privilege principles and audit requirements, without slowing teams down.

Add a custom expiry duration

post
Authorizations
Body
timenumberRequired
unitstring · enumRequiredPossible values:
Responses
204

Custom expiry added

post
POST /o/demo-org/settings/expiry-options HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Content-Type: application/json
Accept: */*
Content-Length: 21

{
  "time": 2,
  "unit": "h"
}

No content

Remove a custom expiry duration

delete
Authorizations
Path parameters
keystringRequired
Responses
204

Custom expiry removed

delete
DELETE /o/demo-org/settings/expiry-options/{key} HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Accept: */*

No content

Reset custom expiry durations

post
Authorizations
Responses
200

Reset expiry options

application/json
post
POST /o/demo-org/settings/expiry-options/_reset HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Accept: */*
{
  "options": [
    {
      "time": 5,
      "unit": "m",
      "value": "5 minutes"
    },
    {
      "time": 1,
      "unit": "h",
      "value": "1 hour"
    },
    {
      "time": 24,
      "unit": "h",
      "value": "1 day"
    },
    {
      "time": 168,
      "unit": "h",
      "value": "1 week"
    },
    {
      "time": 720,
      "unit": "h",
      "value": "30 days"
    }
  ]
}

Update approval settings

put
Authorizations
Body
allowOnePartybooleanOptional
requireReasonbooleanOptional
Responses
204

Settings updated

put
PUT /o/demo-org/settings/default-approvals HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Content-Type: application/json
Accept: */*
Content-Length: 43

{
  "allowOneParty": true,
  "requireReason": true
}

No content

Set custom standing access duration

put
Authorizations
Body
timenumberRequired
unitstring · enumRequiredPossible values:
Responses
200

Standing access configured

application/json
put
PUT /o/demo-org/settings/standing-access-duration HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Content-Type: application/json
Accept: */*
Content-Length: 21

{
  "time": 2,
  "unit": "h"
}
{
  "ok": true,
  "standingAccessDuration": {
    "time": 2,
    "unit": "h",
    "value": "2 hours"
  }
}

Set custom maximum access duration

put
Authorizations
Body
timenumberRequired
unitstring · enumRequiredPossible values:
Responses
200

Max access configured

application/json
put
PUT /o/demo-org/settings/max-access-duration HTTP/1.1
Host: api.p0.app
Authorization: Bearer API Key
Content-Type: application/json
Accept: */*
Content-Length: 21

{
  "time": 2,
  "unit": "h"
}
{
  "ok": true,
  "maxAccessDuration": {
    "time": 2,
    "unit": "h",
    "value": "2 hours"
  }
}

Last updated