Ephemeral Access refers to the practice of granting temporary access to certain users (or Groups) within a defined window of time to allow them to carry out specific actions.

Ephemeral Access with Twingate

You can configure Ephemeral Access from either a Resource or Group page. The expiration time for a particular access right can be set to any time from the next hour to one year from the current date. When the expiration time has elapsed, the Group will be removed from the Resource and users in that Group will no longer have access to that Resource.

Changes made to expiration times will appear in the Access category of the Audit Logs reporting available within the Admin Console.

Implementing Ephemeral Access via a Resource Page:

When first adding a Group to a Resource, you can specify an expiration time and date. When this time is reached, the Group will be removed from the Resource.

An expiration time can also be modified for a Group that already has access to a Resource by clicking on the options button and then setting the expiration time.

Implementing Ephemeral Access via a Group Page:

You can set expiration times for specific Resources that a Group has access to on the relevant Group page.

When to use Ephemeral Access

Common use cases for Ephemeral Access include projects with a defined end time, contractor engagements, and “break glass” scenarios where a team may require access to a highly sensitive resource for a short amount of time.