To support advanced request grant workflows, Opal will now notify users to extend access if their access will expire within 1 day, support employees to request access on behalf of others, and admins to approve access requests.
Opal is a self-service catalog that enables employees to request access to critical resources and admins to configure security and approval guardrails. Leveraging feedback from our customers, three use cases emerged:
* Access Extensions: Opal enables employees to easily request for short-lived access. However, if employees want to extend their access, they have to make another access request
* Admin approvals: There may be times when required reviewers are unavailable to take action, such as unexpected emergencies or unplanned events
* Request on behalf of: There are many circumstances in which you would want to submit requests on behalf of other users. For example, managers might want to request access for their reports, or resource owners might need to request access for others in case of emergencies or unusual circumstances.
For short-lived access requests that automatically expire after 1 day, Opal notifies users 24 hours and 1 hour before their access will expire. Notifications will be delivered over Slack and Email.
After users click on the notifications, they are able to request extensions.
Resource and Group admins can approve requests for the resources that they own. Opal admins can approve all requests. This action can be taken in both Slack and Web!
Opal now supports employees to select which user they want to request for. However, to support this functionality in a safe manner, we have only enabled this configuration for Opal Admins, Resource and Group Admins, and Managers.
Opal is the centralized authorization platform for IT and Infrastructure teams. Deeply integrated with developer infrastructure, SaaS applications, and custom internal tools, Opal enables companies to implement scalable access management.