Skip to main content

Before you begin

To complete this guide, you’ll need:
  • ConductorOne Super Administrator role
  • A PagerDuty, OpsGenie, or other on-call-enabled application
Estimated time: 15 minutes

Step 1: Integrate your on-call platform

Start by following the docs to integrate your on-call platform with ConductorOne:

PagerDuty

OpsGenie

Don’t see your on-call platform?Don’t stress. We’ll build a connector for it. Get in touch and tell us what you need.
Once connected, ConductorOne ingests the users and roles within the platform, and surfaces on-call rotations as resources.

Step 2: Create your on-call access profile

The on-call access profiles should include any apps, roles, permissions, or resources that are requestable by, or automatically granted to, a user who is on-call.
1
Navigate to Access profiles and click New profile.
2
Give the acces profile a name, such as “On-call”.
3
Click Continue.Now we’ll add the entitlements that are either available for the user to request or automatically granted to the user.
4
Click Manage entitlements.
5
Use filters and the search field to locate the apps and entitlements that should be granted to the user, or available for them to request, when they are on-call.
6
Click Save.

Step 3: Grant the access

You have two options here:
  • Make the entitlements in the access profiles requestable by users who are on-call
  • Automatically grant the entitlements in the access profiles to users who are on-call
If self-service requestable when on-call:
1
Click Edit on the Self-service section of the page.
2
Enable Allow self-service.
3
Under Requestable by, select Specific groups.
4
Select the on-call rotation or rotations that this access profile will be requestable by.
5
Click Save.
If automatically granted when on-call:
1
Click the Enrollment tab.
2
Click Edit on the Access requests section of the page.
3
Use the Request policy dropdown to select Auto approve.
4
Click Save.
5
Click Edit on the Auto-enrollment rule section of the page.
6
Select the on-call rotation or rotations that this access profiles will be automatically assigned to.
7
Click Save.
Important:Automated enrollment with auto-granted access will automatically grant and provision all the entitlements in the access profiles to users who meet the criteria.

Success!

Now whenever a user is on-call, they will either automatically have access to request the on-call access profiles entitlements or have those entitlements automatically provisioned, depending on the configuration you set up.