Make access requests
Learn how to request access to Opal resources.
To request access to resources, use the Catalog in your Opal dashboard, or your connected productivity integration, such as Slack.
Request access in the Opal UI
End users request access through the Catalog or using the Request Access button. You can also find apps from the Search page.
After selecting an app, you can choose Resources that you want to request. Resources are specific permissions within applications. Example resources include:
- Salesforce: Roles, profiles, and permission sets
- GitHub: Repositories, Teams
- Amazon Web Services: IAM Roles, databases (RDS), and compute (EC2)
To make a request, open the resource and select Request in the Actions column, or select Request Access in the sidebar.
Enter the following fields:
- Reason: By default, this is a required field by default. Admins can hide this field using the request configuration settings.
- Expires in: Specify how long you need access. Use the default values, or request a custom range by selecting Custom.
- Expire access when ticket is closed: If you don't know how long you'll need access, you can bind the access request to a support ticket that is assigned to you. Once the ticket is completed, your access will be automatically revoked.
You may request access on behalf of another user. For security reasons, this functionality is limited to the following groups.
- Opal Admins can request access on behalf of all users for all resources.
- Resource and group admins can request access on behalf of others for those resources and groups where they are an admin.
- Managers can request access on behalf of their reports for those resources to which the manager has access.
Request access with productivity integrations
In Slack, if you type in /Opal or /access, you can browse an app catalog.
You can then select the Resource by browsing the Items to Request.
Once you have made your selection, you can add the expiration and reason.
Updated 14 days ago