Before you begin
To complete this guide, you’ll need:- ConductorOne Super Administrator role
- A PagerDuty, OpsGenie, or other on-call-enabled application
Step 1: Integrate your on-call platform
Start by following the docs to integrate your on-call platform with ConductorOne: Once connected, ConductorOne ingests the users and roles within the platform, and surfaces on-call rotations as resources.Step 2: Create your on-call access profile
The on-call access profiles should include any apps, roles, permissions, or resources that are requestable by, or automatically granted to, a user who is on-call.1
Navigate to Access profiles and click New profile.
2
Give the acces profile a name, such as “On-call”.
3
Click Continue.Now we’ll add the entitlements that are either available for the user to request or automatically granted to the user.
4
Click Manage entitlements.
5
Use filters and the search field to locate the apps and entitlements that should be granted to the user, or available for them to request, when they are on-call.
6
Click Save.
Step 3: Grant the access
You have two options here:- Make the entitlements in the access profiles requestable by users who are on-call
- Automatically grant the entitlements in the access profiles to users who are on-call
1
Click Edit on the Self-service section of the page.
2
Enable Allow self-service.
3
Under Requestable by, select Specific groups.
4
Select the on-call rotation or rotations that this access profile will be requestable by.
5
Click Save.
1
Click the Enrollment tab.
2
Click Edit on the Access requests section of the page.
3
Use the Request policy dropdown to select Auto approve.
4
Click Save.
5
Click Edit on the Auto-enrollment rule section of the page.
6
Select the on-call rotation or rotations that this access profiles will be automatically assigned to.
7
Click Save.