Opal + Internal Tools

‍

Opal + Internal Tools Use cases

Protect against breaches with least privilege

• Grant just-in-time access to internal tools that are auto-expiring and fully audited using Slack
• Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more

Accelerate employee access on paved roads

• Enable resource owners with the most context to approve access requests and provision access automatically via Slack
• Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles
• Automate on-call access by provisioning and deprovisioning access via on-call schedules

Simplify compliance without manual overhead

• Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
• Review access of employees who have recently transferred roles or departments

Internal Tools + Opal Overview

Opal can connect with any homegrown applications. These applications include impersonation tools or admin dashboards. For an advanced guide, please view our guide on managing access to internal tools.

Internal Tools Integration Overview

Opal can integrate with custom internal tools in two ways:

1. Identity provider
2. Custom API

For the former, this integration is more straightforward and we can provide access via an identity provider group.

For the latter, this integration is more involved, we can provide much more granular access via our API. Rather than providing coarse access via a group, our customers can use our API to define different access levels. Access levels can be defined as individual customers or cohorts of customers.

‍