Access Reviews
Stale permissions are a silent breach risk. OnePAM runs periodic access certification campaigns — reviewers approve, revoke, or flag with auto-enforcement.
What You Get
Included Capabilities
Certification campaigns — create review cycles with configurable scope, reviewers, and deadlines
Flexible scope — review all access org-wide, per team, or per resource group
Reviewer assignment — assign managers, team leads, or specific users as reviewers
Three-way decisions — approve to keep, revoke to remove, or flag for follow-up
Automatic enforcement — revoked access is removed immediately (team membership, access requests)
Bulk decisions — reviewers can approve or revoke multiple items at once
Progress tracking — real-time campaign progress with automatic completion detection
Deadline reminders — configurable reminder notifications before the review deadline
Auto-revoke on miss — optionally revoke unreviewed access when the deadline passes
CSV export — download campaign results for compliance reporting and auditors
Available on Business and Enterprise plans
Live Preview
Feature Overview
Secure Access — Overview
Zero Trust Access
Session Recording
Just-In-Time Access
Browser-Based
Deploy in Under 5 Minutes
Three Steps to Secure Access
1. Sign Up With SSO
Connect your identity provider — Okta, Azure AD, Google Workspace, or any SAML/OIDC provider. Your team logs in with existing credentials.
2. Add Your Resources
Register servers, databases, Kubernetes clusters, and web apps. Define who can access what with role-based policies.
3. Access Securely
Your team accesses resources through the browser — identity-verified, session-recorded, and audit-logged. No VPN, no exposed ports.
Try Access Reviews — Free for 14 Days
From signup to your first secure session in under 5 minutes. No infrastructure changes, no credit card, no sales call.