We need your input: Authorization is coming to ServicePulse and ServiceControl

Announcements
,
1

Hi everyone,

We’re currently working on adding authorization capabilities to ServicePulse and ServiceControl, and we’d love to hear about your requirements.

Authentication

What do you currently use for user authentication?

Examples include:

  • Active Directory / Windows Authentication
  • Microsoft Entra ID (Azure AD)
  • Okta
  • Auth0
  • Google Workspace
  • OpenID Connect providers
  • Other identity providers

Authorization

What authorization capabilities would you like to see supported?

For example:

  • Role-based access control (RBAC)
  • Group-based permissions
  • User-specific permissions
  • Integration with roles/groups managed by your identity provider
  • Custom roles
  • Read-only vs. administrative access

Auditing

What auditing requirements do you have?

For example:

  • Logging successful access
  • Logging authorization failures
  • Tracking configuration changes
  • User activity auditing
  • Exporting audit data to SIEM or log management platforms

Current direction

Our current approach focuses on:

  • Delegating authentication and role assignment to an external identity provider (IdP)
  • Consuming application roles from user token claims
  • Writing authorization successes and failures to a separate structured audit log that can be easily ingested by log management and monitoring tools

Would this meet your needs, or are there additional requirements we should consider?

Please comment on this issue or contact us at support@particular.net.

Thanks for your feedback!

Particular Software

3

This would be a great improvement to have. Our company has an on-prem version which we would likely use windows auth but we are moving to the Azure so Microsoft Entra Id would be a great IdP to support for us

What do you currently use for user authentication?

  • Active Directory / Windows Authentication
  • Microsoft Entra ID (Azure AD)

What authorization capabilities would you like to see supported?

  • Role-based access control or Integration with roles/groups managed by your identity provider

What auditing requirements do you have?

  • User activity auditing
  • Exporting audit data to SIEM or log management platforms

For reference, everything in our Azure environment runs behind private networking / endpoints and we have run into a bunch of different issues because of that. Something to consider when designing this out

4

I think this would be satisfied by our standards and regulations. Looks really good!