JIT Approvals
Creating and Managing your JIT Approvals
JIT Approvals
JIT approvals are used to grant elevated privileges to your users for your applications. This process requires an administrators approval that when approved will provide access to the user in real time. There are a number of use cases in which JIT Approvals provide solutions to solve problems. This document will outline each of the JIT Approval types available to you and will define how to create, use, and manage Next Level3’s JIT Approvals within your Company Portal.
Accessing JIT Approvals
Requirements: Admin Level Next Level3 Company Account Access.
Login to company.nextlevel3.com and navigate to “Management” -> “JIT Approvals”.
JIT Approval Creation
JIT Approval Types
Currently, there are two approval types support by the Next Level3 Cloud Identity JIT Access platform including;
-
Approve - JIT access approval request that when triggered requires the default approver to approve the request that they received.
-
Sign and Approve - JIT access approval request that when triggered required the default approver to sign the request with their signature and then approve the request that is sent.
Generating an Authentication Token
An authentication token is a method used to verify user identity. Once the token has been verified, the user receives an Access Token which grants the user access to a service that it has been issued for and will work until the token becomes invalid. Next Level3 JIT Approval Authentication uses this process to grant elevated privileges to your users for your applications and supports protecting your applications by integrating Cloud Identity JIT Approvals directly to your applications. Generating the Authentication token required to make calls for your applications depends on the language your application uses. To integrate Next Level3 JIT Approvals into your application using authentication token generation, refer to the corresponding native language your application uses from the list below.
The Next Level3 Node.js integration is designed to be used for your existing applications or sites that are using native Node.js code for authentication. This integration will allow you to easily generate client specific authentication tokens for JIT Approval access to any application that leverages Node.js.
Pre-requisites
- Node.js Application
- Next Level3 Company Account
- Signing Key created for an application in the Next Level3 Company Portal
The following Node.js code sample can be used to integrate an authentication token generator into your existing authentication flow for custom Node.js applications that are handling JIT Access calls within the application or where a third-party identity provider does not have a supported integration: