Capabilities
Provisioning
AccessOwl creates user accounts with the specified roles/permissions during access requests.
Deprovisioning
AccessOwl deletes users from your Temporal Cloud account during access revocations.
Prerequisites
- Global Admin access to your Temporal Cloud account, so you can invite the integration account.
Setup
Add Temporal Cloud in AccessOwl
Either add a new application or open Applications and click the +-symbol, then continue.
Invite the integration account as Global Admin
AccessOwl shows you the integration account’s email address. In Temporal Cloud:
- Go to Settings in the left sidebar.
- Click Create Users in the upper-right area.
- Enter the integration account’s email address in the Email Addresses box.
- Set the account-level role to Global Admin.
- Click Send Invite.
The integration account needs Global Admin because only Global Admins and Account Owners can invite and delete users in Temporal Cloud.
FAQ
The user was provisioned but I can't see them in Temporal Cloud
The user was provisioned but I can't see them in Temporal Cloud
When AccessOwl provisions a user, Temporal Cloud sends them an invite email. The user must click the link in that email to complete their account setup. Until they accept the invite, they will not appear as an active member in your Temporal Cloud account. If a provisioning request shows as completed in AccessOwl but the user is not yet visible, they have not accepted the invite yet.