Question on JIT Admin Feature #3787
Unanswered
bleblanc-sh
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
We currently have a self-hosted instance of CIPP but are not heavily utilizing it yet. I was playing around with the JIT Admin feature and think it could be really useful to us.
However, I'm wondering what capabilities we have if any to customize what options techs with Edit, or Custom Roles have available. For example, if we could force notification option to webhook or restrict to only apply JIT to existing accounts.
We'd like to be able to have existing accounts in M365 created and just add the appropriate roles we need via JIT admin feature when needed and just remove roles when expired. I'd want to ensure techs couldn't just set expiry to years from now or create a new unprotected user instead.
Beta Was this translation helpful? Give feedback.
All reactions