TL;DR: Just-in-time permissions reduce standing privilege by expiring entitlements automatically, but they only enforce least privilege when Identity Governance and Administration supplies discovery, policy, contextual approval, and audit evidence, according to Omada Identity. The practical lesson is that time-bound access without governance still leaves the blast radius intact.
NHIMG editorial — based on content published by Omada Identity: Just-in-Time Permissions Explained: How JIT and IGA Together Enforce Least Privilege
By the numbers:
- The 2025 Verizon Data Breach Investigations Report found stolen credentials were the leading initial access vector in roughly one in five breaches.
- Only 5.7% of organisations have full visibility into their service accounts.
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
Questions worth separating out
Q: How should security teams implement just-in-time permissions in enterprise IAM?
A: Start with an entitlement inventory, then define policy that limits who can request access, for what business reason, and for how long.
Q: Why do just-in-time permissions not eliminate standing privilege risk?
A: Because they control duration, not entitlement quality. A grant can expire in an hour and still be over-broad, unowned, or never reviewed; expiry decides how long access lasts, not whether the entitlement should exist or be that wide.
Q: What breaks when non-human identities are not governed like human accounts?
A: Service accounts, API keys, tokens, and AI agents can retain access long after the original task ends because they do not naturally pass through joiner-mover-leaver processes.
Practitioner guidance
- Inventory all standing entitlements first: map roles, group memberships, app rights, service accounts, and AI agent permissions before introducing JIT.
- Define eligibility rules in IGA: set explicit policy for who can request which access, under what business context, and with which separation-of-duties constraints.
- Time-box only the access that is already justified: apply JIT to permissions that have a clear task window, then revoke them automatically when the event ends.
The operational priority is to make entitlement discovery continuous, then connect that inventory to approval policy and access certification before expanding time-bound access models.
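To make the three steps concrete, here is an added example in Python (not Omada Identity's or NHIMG's code) of a toy JIT broker: an entitlement inventory carrying eligibility, maximum duration and separation-of-duties rules; a request path that refuses anything policy does not already justify; automatic revocation when the window closes; and a report of the standing grants that JIT leaves untouched. Every identity, entitlement name and policy value below is constructed for the example.

```python
"""Toy JIT broker gated by IGA-style eligibility policy.

Added illustration, not a vendor's code. Identities, entitlements and
policy values are constructed for the example.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass(frozen=True)
class Entitlement:
    """One row of the entitlement inventory (step 1) plus its policy (step 2)."""
    name: str
    eligible: frozenset                     # identities allowed to request it
    max_duration: timedelta                 # longest task window policy permits
    sod_conflicts: frozenset = frozenset()  # must not be held at the same time


@dataclass(frozen=True)
class Grant:
    identity: str
    entitlement: str
    justification: str
    expires_at: Optional[datetime]  # None = standing access, never expires


class JitBroker:
    def __init__(self, inventory, discovered_standing):
        self.inventory = {e.name: e for e in inventory}
        # Standing grants come from discovery; JIT does not touch them.
        self.grants = list(discovered_standing)

    def active(self, identity, now):
        """Effective access right now: standing plus unexpired JIT grants."""
        return {g.entitlement for g in self.grants if g.identity == identity
                and (g.expires_at is None or g.expires_at > now)}

    def request(self, identity, entitlement, justification, duration, now):
        """Step 3: time-box only what policy already justifies, else refuse."""
        ent = self.inventory.get(entitlement)
        if ent is None:
            raise PermissionError(f"{entitlement}: not in inventory, cannot govern")
        if identity not in ent.eligible:
            raise PermissionError(f"{identity} is not eligible for {entitlement}")
        if not justification.strip():
            raise PermissionError("business justification required")
        if duration > ent.max_duration:
            raise PermissionError(f"{duration} exceeds max {ent.max_duration}")
        clash = ent.sod_conflicts & self.active(identity, now)
        if clash:
            raise PermissionError(f"separation-of-duties conflict: {sorted(clash)}")
        grant = Grant(identity, entitlement, justification, now + duration)
        self.grants.append(grant)
        return grant

    def revoke_expired(self, now):
        """Automatic revocation once the task window has closed."""
        expired = [g for g in self.grants
                   if g.expires_at is not None and g.expires_at <= now]
        self.grants = [g for g in self.grants if g not in expired]
        return expired

    def standing_findings(self):
        """What JIT does not fix: grants with no expiry at all."""
        return sorted((g.identity, g.entitlement)
                      for g in self.grants if g.expires_at is None)


def demo():
    t0 = datetime(2025, 1, 1, 9, tzinfo=timezone.utc)
    inventory = [
        Entitlement("prod-db-admin", frozenset({"alice", "svc-backup"}), timedelta(hours=2)),
        Entitlement("payments-approve", frozenset({"alice"}), timedelta(hours=1),
                    sod_conflicts=frozenset({"payments-submit"})),
        Entitlement("payments-submit", frozenset({"alice"}), timedelta(hours=1)),
    ]
    # Discovery found a service account holding admin with no expiry (constructed).
    standing = [Grant("svc-etl", "prod-db-admin", "legacy", None)]
    broker = JitBroker(inventory, standing)
    out = {}
    broker.request("alice", "prod-db-admin", "INC-1234 restore", timedelta(hours=1), t0)
    out["alice_at_t0"] = broker.active("alice", t0)
    later = t0 + timedelta(hours=2)
    out["alice_later"] = broker.active("alice", later)       # expired, no longer held
    out["revoked"] = len(broker.revoke_expired(later))
    broker.request("alice", "payments-submit", "batch 42", timedelta(minutes=30), t0)
    try:  # SoD: cannot approve what you can also submit
        broker.request("alice", "payments-approve", "batch 42", timedelta(minutes=30), t0)
        out["sod"] = "allowed"
    except PermissionError:
        out["sod"] = "blocked"
    try:  # not in the eligible set, so no request is possible
        broker.request("bob", "prod-db-admin", "curious", timedelta(minutes=5), t0)
        out["ineligible"] = "allowed"
    except PermissionError:
        out["ineligible"] = "blocked"
    out["standing"] = broker.standing_findings()  # still there after every sweep
    return out


if __name__ == "__main__":
    print(demo())
```

The point of `standing_findings` is the one the editorial makes: `revoke_expired` never touches the service account's standing admin grant, so a JIT rollout that skips discovery and re-governance of existing entitlements leaves that exposure exactly where it was.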
👉 Read Omada Identity's explanation of just-in-time permissions and IGA →
Explore further
JIT without governance is a timing control, not a privilege model. Expiring access quickly reduces exposure, but it does not answer whether the permission should have been granted at all. That distinction is central to NHI governance because service accounts and AI agents can hold access long after a business need ends. Practitioners should treat JIT as a control for duration, not as proof of least privilege.
A few things that frame the scale:
- Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
- 71% of NHIs are not rotated within recommended time frames, increasing the risk of compromise over time.
A question worth separating out:
Q: What should organisations do first when moving toward least privilege for NHIs?
A: They should start by discovering where non-human identities exist, who owns them, and what privileges they carry. After that, define policy for eligibility, review cadence, and revocation, then use JIT to time-box the permissions that remain necessary. Discovery comes before optimization because you cannot govern what you cannot see.
👉 Read our full editorial: Just-in-time permissions need IGA to enforce least privilege