JIT Access
Enterprise
Just-in-Time privilege elevation eliminates standing access. Users request temporary permissions that auto-expire after a configurable TTL.
How it works
- Request — A user requests access to a target (server, database, application) from the RedFox UI or API.
- Approval — The request is routed to one or more approvers based on policy (manager, security team, auto-approve for low-risk).
- Grant — Upon approval, RedFox creates a time-limited credential or session token with the requested role.
- Use — The user connects via the browser terminal or ZTNA proxy. All commands are logged.
- Revoke — When the TTL expires or the session ends, access is automatically revoked. No orphaned permissions.
Configuration
TTL policies
Define maximum session duration per target group: 1 hour for production databases, 4 hours for staging servers, 8 hours for development. Configurable in Settings → JIT Policies.
Approval workflows
Multi-level approval chains: single approver, multi-approver (any/all), or auto-approve for pre-defined low-risk targets. Approvers are notified via Slack, Teams, or email.
Emergency access
Break-glass procedure allows immediate access bypassing approval, with mandatory post-access review and alert to the security team.
Security
- Every JIT request, approval and revocation is recorded in the WORM audit log
- Credentials are injected at connection time — users never see the underlying secret
- Expired sessions are forcibly terminated by the proxy
- All JIT events are available via the SIEM export API
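A check a security team could run over exported JIT events to confirm the guarantees listed above. This is an added example, not RedFox code: the event fields, group names and 60-second grace period are assumptions, and the real SIEM export schema is not shown on this page.

```python
from datetime import datetime, timedelta

# Maximum TTL per target group, using the example values from "TTL policies".
# The group names are hypothetical.
MAX_TTL = {"prod-db": timedelta(hours=1), "staging": timedelta(hours=4),
           "dev": timedelta(hours=8)}

# Constructed sample events; field names are assumptions, not the export schema.
EVENTS = [
    {"ts": "2024-05-01T09:00:00", "type": "grant", "id": "g1", "group": "prod-db", "ttl_s": 3600, "break_glass": False},
    {"ts": "2024-05-01T09:58:00", "type": "revoke", "id": "g1"},
    {"ts": "2024-05-01T10:00:00", "type": "grant", "id": "g2", "group": "prod-db", "ttl_s": 14400, "break_glass": False},
    {"ts": "2024-05-01T11:00:00", "type": "grant", "id": "g3", "group": "staging", "ttl_s": 3600, "break_glass": True},
    {"ts": "2024-05-01T12:30:00", "type": "revoke", "id": "g3"},
    {"ts": "2024-05-01T13:00:00", "type": "grant", "id": "g4", "group": "dev", "ttl_s": 7200, "break_glass": True},
    {"ts": "2024-05-01T14:00:00", "type": "revoke", "id": "g4"},
    {"ts": "2024-05-01T15:00:00", "type": "review", "id": "g4"},
]

def audit(events, now, grace=timedelta(seconds=60)):
    """Return sorted (grant_id, finding) pairs for grants that break a JIT guarantee."""
    grants, revoked, reviewed, findings = {}, {}, set(), []
    for e in events:
        ts = datetime.fromisoformat(e["ts"])
        if e["type"] == "grant":
            grants[e["id"]] = (ts, e)
        elif e["type"] == "revoke":
            revoked[e["id"]] = ts
        elif e["type"] == "review":
            reviewed.add(e["id"])
    for gid, (start, g) in grants.items():
        ttl = timedelta(seconds=g["ttl_s"])
        limit = MAX_TTL.get(g["group"])
        # A grant longer than the group's maximum, or for an unknown group.
        if limit is None or ttl > limit:
            findings.append((gid, "ttl_exceeds_policy"))
        # Revocation must arrive by TTL expiry (plus grace), else it is orphaned.
        deadline, end = start + ttl + grace, revoked.get(gid)
        if (end is None and now > deadline) or (end is not None and end > deadline):
            findings.append((gid, "not_revoked_at_expiry"))
        # Break-glass access that has ended needs a post-access review event.
        if g["break_glass"] and end is not None and gid not in reviewed:
            findings.append((gid, "break_glass_without_review"))
    return sorted(findings)

if __name__ == "__main__":
    for gid, finding in audit(EVENTS, now=datetime(2024, 5, 2)):
        print(gid, finding)
```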
API
Programmatic JIT access via the REST API:
- POST /api/v1/jit/request — create an access request
- POST /api/v1/jit/approve — approve or deny a request
- GET /api/v1/jit/active — list active JIT sessions
- DELETE /api/v1/jit/{id} — revoke an active grant
Need help configuring JIT access? Contact [email protected]. For Enterprise licensing, reach out to [email protected].