Access Connectors¶

Identity, PAM, and access connectors enable AI agents to manage user lifecycles, investigate access anomalies, enforce privileged access policies, and administer endpoint device configurations. These connectors are central to incident response workflows that require disabling compromised accounts, revoking sessions, or auditing access grants.

Read operations such as listing users and querying group memberships are LOW risk. Account modification operations (disabling users, resetting MFA, revoking sessions) are classified as HIGH risk due to their direct impact on access control.

Connector	Operations	Risk Levels	Description
Okta	30	LOW, MEDIUM, HIGH	Okta identity operations for user management, group administration, application assignment, session control, and system log queries
Microsoft Entra ID	29	LOW, MEDIUM, HIGH	Microsoft Entra ID (Azure AD) operations for user management, group administration, conditional access policies, and sign-in log queries
CyberArk	29	LOW, MEDIUM, HIGH	CyberArk Privileged Access Security operations for safe management, account retrieval, credential rotation, and session recording queries
BeyondTrust	23	LOW, MEDIUM, HIGH	BeyondTrust privileged access operations for managed account retrieval, session management, credential checkout, and approval workflows
SailPoint	31	LOW, MEDIUM, HIGH	SailPoint IdentityNow operations for identity governance, access request management, certification campaigns, and role administration
Duo Security	24	LOW, MEDIUM, HIGH	Cisco Duo operations for user management, device administration, authentication log queries, and MFA policy configuration
JumpCloud	33	LOW, MEDIUM, HIGH	JumpCloud directory operations for user management, device enrollment, policy configuration, RADIUS server management, and event queries
OneLogin	28	LOW, MEDIUM, HIGH	OneLogin operations for user management, application provisioning, event log queries, and authentication policy configuration
Ping Identity	32	LOW, MEDIUM, HIGH	Ping Identity operations for user management, application configuration, authentication policies, and risk evaluation queries
Microsoft Intune	24	LOW, MEDIUM, HIGH	Microsoft Intune operations for device management, compliance policies, configuration profiles, and remote device actions
Jamf	33	LOW, MEDIUM, HIGH	Jamf Pro operations for macOS and iOS device management, policy deployment, inventory queries, and remote command execution
Varonis	22	LOW, MEDIUM, HIGH	Varonis data security operations for alert management, data classification queries, permission analysis, and user behavior analytics
BigID	28	LOW, MEDIUM, HIGH	BigID data intelligence operations for data discovery, classification scanning, access governance, and privacy risk management