Add users to an application role in under 60 seconds through a highly visual and easy-to-use interface.
For sensitive roles, you can ensure a manager approves the request before the role is granted.
If you need to delegate the management of granting and removing access to a role to another party (maybe a service provider), Apporetum enables you to configure this.
Set up rules that govern who can be granted roles and take the hard work out of determining whether a user is eligible for a role before it is given. Based on user attributes, Apporetum’s dynamic guardrails analyse the eligibility of a user’s right to be granted an access entitlement.
Let Apporetum do all the hard work for you. Schedule when a user is granted access and for how long with customisable start and end dates, and automatic expiry. You will never need to set reminders to remove user access ever again.
Find answers to commonly asked questions about Apporetum Access Manager
All of Apporetum’s memberships/entitlements are timebound to ensure users only have access for the period of time they need and that regular reviews are performed to ensure that role entitlements don’t just continue to accumulate over time.
Each role within Apporetum has been given friendly, easy-to-understand terms and includes descriptions so you can be sure you’re giving a user the correct role.
You can record additional information when granting access to a role. Apporetum keeps track of all comments, ticket numbers and any other freeform text to collate audit logs and understand why someone was able to access an application.
Where Apporetum is connected to a data source (Azure AD, Active Directory, LDAP, etc.), entitlements can be removed or ‘end dated’ for automated removal. Apporetum will send out an email notification to the user notifying them of the expiring access with instructions on how to renew it if the access is still required.
Apporetum can be used to manage third-party external access to your applications via Azure AD B2B. Apporetum provides you with the traceability of how and when B2B users have been granted access and can automatically remove B2B users based on timebound rules.
Apporetum can connect to on-premises Active Directory environments, manage groups and roles that are linked to applications and even manage groups used for other reasons, such as group file shares.
Apporetum can integrate with Service Management Tools via API. If your organisation wishes to manage workflow in their Service Management Tool, then end-to-end automation can still be achieved while maintaining a source of truth for your entitlements.
Apporetum can be used to manage role groups used with the PIM capability within Entra ID.
Apporetum can be used to manage groups that are used to grant Azure DevOps permissions. It can also be used and integrated with other pipeline products.