Integrate with your ticketing system

You can integrate DPA with your organization's workflow and ticketing system by using the Access Policies API to automatically create and update policies for user access requests to VMs and servers.

Here's an example of the end-to-end workflow:

  • Through his organization's ticketing system, Paul requests recurrent access to VMs and servers.

  • When the request is approved, a notification is sent to Paul. In the background, a DPA policy is created, allowing the requested access.

  • Paul is now authorized to access the VMs and servers through DPA according to the policy.

Workflow diagram: Paul requests an approval through his organization's ticketing system. Once approved, a DPA policy is created. When Paul tries to connect to the target, the request is sent via DPA. DPA checks for a policy. Once authorized, Paul connects to the target.

Create the integration

In your organization's ITSM ticketing system:

  1. Create a DPA policy request form. The request should include the appropriate fields to adequately identify the VMs and servers that the user wants to connect to.

  2. Create an approval action for the request form. Approval should trigger the creation of the appropriate policy in DPA as follows:

    1. Each Policies API call requires an authorization bearer token for authentication. For details, see API Authentication for Identity Security Platform.

    2. In Identity Administration User Portal, create a dedicated service user for API activities. For more information, see Add service users.

    3. Assign the DpaAdmin role to that user.

    4. Use the OAuth API to complete the authentication and receive the bearer token.

    5. Complete the policy creation with the DPA Policy API, using the bearer token generated earlier in the process and the relevant policy details.
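The approval action from steps 4 and 5 can be sketched as follows. This is an added example, not CyberArk's code: it refuses to build a policy for a ticket that is not approved or that does not identify its targets. The two URLs, the client-credentials grant type, the ticket fields, and the policy field names are assumptions; take the real values from the API references cited above.

```python
import json
import urllib.parse
import urllib.request

# Placeholders (assumptions): take the real endpoints from the API references above.
TOKEN_URL = "https://identity.example.invalid/oauth2/token"
POLICY_URL = "https://dpa.example.invalid/api/policies"

def build_token_request(client_id, client_secret):
    """Step 4: token request for the dedicated service user (grant type assumed)."""
    form = {"grant_type": "client_credentials",
            "client_id": client_id, "client_secret": client_secret}
    return urllib.request.Request(
        TOKEN_URL, data=urllib.parse.urlencode(form).encode(), method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})

def policy_payload(ticket):
    """Map an approved ticket to a policy body (field names are hypothetical)."""
    if ticket.get("status") != "approved":
        raise PermissionError("ticket is not approved; no policy is created")
    targets = sorted({t.strip() for t in ticket.get("targets", []) if t.strip()})
    if not ticket.get("ticket_id") or not ticket.get("requester") or not targets:
        raise ValueError("ticket must carry an id, a requester and at least one target")
    return {"policyName": f"ticket-{ticket['ticket_id']}",
            "user": ticket["requester"], "targets": targets}

def build_policy_request(ticket, bearer_token):
    """Step 5: policy creation call carrying the bearer token."""
    body = json.dumps(policy_payload(ticket)).encode()
    return urllib.request.Request(
        POLICY_URL, data=body, method="POST",
        headers={"Authorization": f"Bearer {bearer_token}",
                 "Content-Type": "application/json"})

def send(request):
    """Send a prepared request and return the decoded JSON response."""
    with urllib.request.urlopen(request, timeout=10) as resp:
        return json.load(resp)

if __name__ == "__main__":
    # Constructed sample ticket; builds the request without touching the network.
    ticket = {"ticket_id": "REQ-1001", "status": "approved", "requester": "paul",
              "targets": ["vm-app-02", "vm-app-01", "vm-app-01"]}
    req = build_policy_request(ticket, "<bearer-token>")
    print(req.get_method(), req.full_url, req.data.decode())
```

Keep the service user's client secret in the ticketing system's secret store and keep the bearer token out of ticket comments and logs, since the token carries the DpaAdmin role.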