ConductorOne’s data model underpins all of the automation and orchestration of access controls, so it has to be robust enough to understand any app, resource, and fine-grained entitlement. Today we’re announcing the ability to control access – for those who control access! To be more clear, you can now monitor, review, and request fine-grained entitlements for the ConductorOne app, in the ConductorOne app.
Roles in ConductorOne
Your end users might use ConductorOne for requesting access, some may use it during an access review campaign, and a select few will be deeper into the administrative functionality. ConductorOne now surfaces these roles like any other entitlement. Roles include basic user, access request admin, campaign admin, integration admin, and super admin – each exposing the user to only the functionality they require.
Control access to the tool that controls access
The ability to surface these entitlements in ConductorOne gives you the power to monitor who has the “keys to the castle”. You can add ConductorOne roles to an access review campaign to audit whether users have the appropriate level of permissions in the app – and who has super admin access to all of the ConductorOne access control functionality. You can also easily allow users to request new ConductorOne roles by adding them to request catalogs and bundles.
Learn more about using controlling access to ConductorOne in our docs.