Enabling JIT Access Requests
Via Web App
1
Navigate to Access Requests
Go to Manage > Access Requests in the Web App
2
Activate the Connection
Find your connection and toggle it to Active

3
Configure Approval Groups
Click Configure and select the groups that can approve requests

Via CLI
You can also configure access requests when creating a connection:--reviewers flag specifies which groups can approve access requests.
Requesting JIT Access
Users request time-based access using the--duration flag:
Duration Formats
Configuration Options
Maximum Access Duration
Limit how long users can request access. Configure in Manage > Connections > [connection] > Settings.Multiple Approval Groups
When multiple groups are configured, all groups must approve before access is granted. Example: Configuredba-team and security-team as approvers:
- Request requires 1 approval from
dba-teamAND 1 approval fromsecurity-team - Either group can reject the request
Admin Auto-Approval
Admin users automatically approve their own requests. This is by design to ensure admins always have access. To test the full workflow, use a non-admin account.Integration with Slack
To receive and approve requests in Slack:- Configure the Slack integration
- Enable the
slackplugin on your connection:
- Approvers subscribe with
/hoop subscribein Slack - Access requests appear as interactive messages
Environment Variables
These environment variables affect JIT Access Requests behavior on the gateway:Related
JIT Access Requests Overview
Learn how JIT Access Requests work and common use cases
Action Access Requests
Configure per-command approval workflows
Slack Integration
Set up Slack for access request notifications
Access Control
Configure who can access which connections