Azure AD
Identity
Simplify JIT, IGA & Privileged Access Management for Azure AD
Azure Active Directory is Microsoft’s multi-tenant, cloud-based directory and identity management service. For an organization, Azure AD helps employees sign up to multiple services and access them anywhere over the cloud with a single set of login credentials.
Azure AD offers the following benefits:
Single sign-on simplifies access to your apps from anywhere
Conditional access and multifactor authentication help secure data
A single identity control plane grants full visibility and control of your environment
Governance ensures the right people have access to the right resources, and only when they need it
Opal + Azure AD Overview
Opal's integration with Azure AD supports Security Groups and Microsoft 365 groups. This allows employees to request time-bounded access to Azure AD groups, add resources from other Opal integrations (for example, a GitHub repo or an AWS IAM role) to Azure AD groups, and initiate access reviews. In addition, Opal syncs with Azure AD as a source of truth for identity, importing users, organization attributes, and their group mapping.
Opal + Azure AD Use Cases
Protect against breaches with least privilege
Grant auto-expiring, fully audited just-in-time access to Azure AD groups using Slack
Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more
Accelerate employee access on paved roads
Enable resource owners with the most context to approve access requests and provision access automatically via Slack
Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles
Automate on-call access by provisioning and deprovisioning access via on-call schedules
Simplify compliance without manual overhead
Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
Review access of employees who have recently transferred roles or departments
