The Identity Panel Suite provides automated, policy-driven license revocation as part of its identity governance and lifecycle management capabilities. This ensures that users have only the access they need—and no more—based on their current role or status.
License Revocation via Deprovisioning
The HyperSync Panel serves as the platform’s synchronization engine. It manages provisioning and deprovisioning of users and entitlements across connected systems like Microsoft 365, Azure AD, and SaaS applications.
-
Deprovisioning refers to the automatic removal of user accounts, access permissions, and license entitlements based on specific lifecycle triggers—such as a user leaving the organization or a change in HR status.
-
When a user becomes a “leaver,” HyperSync detects the change and initiates rules or workflows to revoke licenses in downstream systems.
Policy-Driven Revocation with Access Panel
The Access Panel extends governance by enforcing access policies based on roles, departments, or other business criteria.
-
Criteria Policies automatically remove entitlements that no longer apply when a user's role or department changes.
-
Just-in-Time (JIT) Policies grant access temporarily and automatically revoke it after a defined time or condition.
-
Separation of Duty (SoD) Rules ensure users do not accumulate conflicting permissions, triggering license revocation where necessary.
-
Attestation Campaigns allow business owners to periodically review and remove unnecessary access rights.
Workflow Integration and Audit Logging
All revocation actions are tracked through Panel Actions and workflow history, providing a comprehensive audit trail. This enables:
-
Proof of when and why licenses were revoked
-
Support for compliance and audit readiness
-
Transparency in access decisions
Comments
0 comments
Article is closed for comments.