Access Requests (AR) Services

Access Requests are owned by the Corporate Security Helpdesk team. All onboarding, offboarding and role change (career mobility) requests are owned by the People Connect Team.

If you have any access requests related questions, please reach out to #it_help in Slack or the tool provisioner in Slack.

Issue Trackers

Team Member Issue Templates

Please submit a team member access request by selecting the appropriate application-specific form here. If there isn’t a specific application request form for your needs (like Adobe, Slack, or Zoom), you can use the Individual or Bulk Person Access request.

Role Based Entitlements

  • Role based entitlements are a pre-approved set of permissions that are granted to all people in a role. Make sure that whatever set of permissions you are adding to these templates should be granted to anyone with that role.

  • Role based entitlements need to be approved only once, when the template is created, and they don’t need to be approved again on a case-by-case basis.

  • These templates cannot be edited to remove or add extra permissions once created, unless those changes are approved by a manager (or higher) of the team the role belongs to. Note that an approval is still required even if a change comes from a manager or higher on a baseline entitlement template to mitigate the risk of a permission change being pushed through by a single team member.

  • We have decided to remove all SOX applications from the Role-Based Entitlements templates. Therefore, any access that is requested for our SOX-in-scope systems should follow the standard A/R process outlined here in our handbook. The impact to you is for any access going forward that was granted automatically via a role based entitlement will now need to be requested via a standard A/R so we can ensure approvals are properly captured.

  • Please note when editing an existing template or creating a new one do not include access of any kind to a rolebased access template. Full listing of SOX applications can be found here

Need help?

  • Please mention @gitlab-com/business-technology/end-user-services in the issue, with no particular SLA.
  • If your request is urgent, post a link to your access request in the #it_help channel in Slack with a note on why it is urgent.

Working on Access Requests

Department Access Request Boards

  • If you need additional labels or have suggestions for improving the process until we can fully automate, please open an issue.
  • ARs are auto-assigned and auto-labeled when possible by department. In some cases, there are multiple provisioners per tool. If a template cannot be auto-assigned, Business Technology will provide a board where the provisioners can review their department’s issues by label (ie dept::to do. It is up to the department to manage the workflow on who works the issues to completion.
  • Moving an issue from one column to another will remove the first label (per the column header) and add the second label. Please use caution when moving issues between columns.
  • Departments can check their outstanding access request issues by viewing their board below.
AR boards: to-do:

  1. Data
  2. Finance
  3. Infra
  4. IT
  5. Legal
  6. PeopleOPs
  7. Prod+Eng
  8. Marketing
  9. Sales
  10. Security
  11. Support

Tech Stack Changes

If you need to initiate an Access Request process for a new item in the tech stack:

  1. Confirm the tool is added to the tech stack
  2. Confirm a team member is included as the provisioner deprovisioner
  3. Document the requirement to submit an Access Request in any relevant handbook pages
Access Requests FAQ
This is a placeholder page. Please see the links below for any child pages that exist.
Last modified June 13, 2025: Move IT under CorpSec (5b5a36c1)
View page source - Edit this page - please contribute. Creative Commons License