Use JiT role activation with PIM

Security · Subscription · Rule · 2020_09 · Important

Use just-in-time (JiT) activation of roles instead of persistent role assignment.


PIM helps manage the impact of identity compromise or misuse of permissions by reducing persistent access. With PIM, eligible identities can activate time-bound role assignments on an as-needed basis (just-in-time). Activation typically occurs before a schedule change or management operation.

PIM is an Azure Active Directory (AD) feature included in Azure AD Premium P2.


Consider using Privileged Identity Management (PIM) to activate privileged roles on an as-needed basis.
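
The following is an added example, not part of the original rule or of PIM itself. It audits a constructed export of role assignments and flags privileged roles that are held persistently or for longer than an allowed activation window. The record fields, the privileged role list and the 8-hour limit are assumptions for illustration, not an Azure API schema.

```python
from datetime import datetime, timedelta, timezone

# Assumption: roles this audit treats as privileged.
PRIVILEGED_ROLES = {"Owner", "Contributor", "User Access Administrator"}
# Assumption: longest activation window the organisation accepts.
MAX_ACTIVATION = timedelta(hours=8)


def parse(ts):
    """Parse an ISO 8601 UTC timestamp; return None when the value is missing."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00")) if ts else None


def audit(assignments, now):
    """Return (principal, role, finding) for privileged assignments that are not JiT."""
    findings = []
    for a in assignments:
        if a["role"] not in PRIVILEGED_ROLES or a["state"] == "eligible":
            continue  # eligible assignments grant nothing until activated
        start, end = parse(a["start"]), parse(a.get("end"))
        if end is None:
            # Active with no expiry: persistent access, the case JiT replaces.
            findings.append((a["principal"], a["role"], "persistent"))
        elif end <= now:
            continue  # time-bound activation that has already expired
        elif end - start > MAX_ACTIVATION:
            findings.append((a["principal"], a["role"], "window-too-long"))
    return findings


# Constructed sample records (hypothetical principals and field names).
SAMPLE = [
    {"principal": "alice", "role": "Owner", "state": "active",
     "start": "2023-06-01T00:00:00Z", "end": None},
    {"principal": "bob", "role": "Owner", "state": "eligible",
     "start": "2023-06-01T00:00:00Z", "end": None},
    {"principal": "bob", "role": "Owner", "state": "active",
     "start": "2024-01-10T09:00:00Z", "end": "2024-01-10T13:00:00Z"},
    {"principal": "carol", "role": "Contributor", "state": "active",
     "start": "2024-01-09T00:00:00Z", "end": "2024-02-09T00:00:00Z"},
    {"principal": "dave", "role": "Reader", "state": "active",
     "start": "2023-01-01T00:00:00Z", "end": None},
    {"principal": "erin", "role": "User Access Administrator", "state": "active",
     "start": "2024-01-01T08:00:00Z", "end": "2024-01-01T10:00:00Z"},
]
NOW = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    for principal, role, finding in audit(SAMPLE, NOW):
        print(f"{principal}: {role} -> {finding}")
```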