With Vanta, requesting access to company systems is simple and automated. Personnel can submit access requests, which Vanta routes to the correct approver and system admin for review and provisioning. This feature is especially helpful for IT teams and managers looking to streamline and track access in one place.
Note: Vanta’s Access Requests tool is now in open beta! To join, please email [email protected]. You’ll need an Access Reviews subscription or a Plus, Growth, or higher plan to participate.
Get Started with Access Requests
From the left-hand navigation, select Access
From the top navigation, select Requests
You can now view and manage incoming access requests from your personnel.
Enable a System for Access Requests
Select Manage systems
Click on a system you want to enable
Choose a System approver — the person who approves requests
Choose a System admin — the person who provisions the account
(Optional) Configure access levels or require personnel to provide freeform information what permissions they need
(Optional) Require a business justification
Click Enable when finished
Adding an access level
To add a new access level, click Add access level and provide the following:
Name: This is how users of Vanta (both admins managing requests and personnel submitting requests) will see this access level
Description (optional): Personnel will see this description when selecting an access level in an access request. Use it to provide more information or suggestions about who needs this level of access
Entitlement (optional): If this system is integrated with Vanta, you can map it to an entitlement from the integration. Learn more below.
Mapping an access level to entitlements
For integrated systems, Vanta recommends you map access levels to entitlements. Entitlements are the actual role or permission Vanta pulls from the integration’s API. By mapping the entitlement to the access level, Vanta can match the access level in the access request to the actual role on the account that we pull from the integration.
The entitlement name is exactly the role or permission Vanta pulls from the integration’s API. Vanta doesn’t run any formatting on the name (e.g., capitalization).
The depth and quality of entitlements is dependent on what each integration’s API makes available. If you have any feedback on the list of entitlements available for an integration, please let us know here and we will investigate.
Connect Slack to Manage Access Requests
Navigate to Settings > Notifications in your Vanta dashboard.
Click Connect Slack.
Follow the prompts to authorize the integration.
Once connected, Slack will be enabled for access request notifications automatically.
Submit an Access Request
From the left-hand navigation, click My access requests
All personnel can access this page, regardless of role
Click on a system
Fill in a business justification and permission level (if required)
Click Request access
Track request status under My requests
Pending approval = waiting on the approver
Pending provisioning = waiting on the system admin
Submit an Access Request via Slack
You can request access directly in Slack using one of the following methods:
Use a Slash Command: Type
/vanta request access
in any Slack channel or direct message.
Open the Vanta App: Find the Vanta app in Slack and click Submit access request.
Then, fill out the form that appears to complete your request.
Approve an Access Request
Approve from Email
If assigned as the approver, you’ll receive an email titled:
[Action Required] [Name] requested access to [System]Click Review request
Click Approve or Deny
If denying, you’ll be prompted to give a reason
Once approved, the request is routed to the system admin
Approve from Vanta
From the left-hand navigation, select Access, then Requests
If you don’t see this tab, you may not have full admin access
Click an access request with status Pending approval
(Optional) Use Needs my attention to filter requests
Click Approve or Deny
If denying, you’ll be prompted to give a reason
After approval, the request moves to the system admin for provisioning
Approve from Slack
If you're designated as the system approver, you'll receive a Slack message when someone submits an access request.
You can approve or deny the request directly from that message, no need to leave Slack.
Mark an Access Request as Provisioned
Mark from Email
If you’re the system admin, you’ll get an email titled:
[Action Required] Provision a [System] account for [Name]Click Review request
Click Mark as provisioned
The request is marked complete, and the requester is notified
Mark from Vanta
From the left-hand navigation, select Access, then Requests
Click a request with status Pending provisioning
(Optional) Use Needs my attention to filter requests
Click Mark as provisioned
The request is marked complete, and the requester is notified
Mark from Slack
If you're a system admin, you'll receive a Slack message once an access request is approved.
You can mark the request as provisioned directly from that message.
View All Company Access Requests
Admins with access to the Access Module can see all access requests:
From the left-hand navigation, select Access, then Requests
View all requests and statuses from this page
Use filters:
Needs my attention = requests assigned to you
Open requests = all pending company-wide requests
FAQ
Who should I contact with feedback on the open beta?
Please submit product feedback here.
Can system admins and approvers see access requests?
Yes! They can view and act on any access request assigned to them in Vanta. They must have the Collaborator Role. Vanta will check for this before enabling a system.
Can I submit another request for a system I’ve already requested access to?
Yes. You can submit multiple access requests to the same system if needed.
Will these requests connect with Access Reviews or Offboarding?
We're actively building support to surface access requests during reviews and offboarding.
What if an approver or system admin leaves the company?
Vanta will flag them as invalid and prompt you to reassign those roles.
What integrated systems currently support access levels?
The following integrations support access levels today: Slack, Checkr, Bitbucket, Cloudflare, Zoom, Sentry, Asana, Knowbe4, Calendly, OpenAI, Zendesk, Jamf, Pagerduty, Heroku, Monday, Snyk, Brex, Supabase, Box, Clubhouse, Fivetran, Launchdarkly, Tenable, Netlify, Lattice, Grafana Cloud, Ramp, Ashby, Curricula, Render, Smartsheet, Opsgenie, Twingate, Qualys, Doppler, Workspace One, Lever, Guru, Sigma, Lacework, Asset Panda, Dockerhub, Hook, Torii, Statsig, Vendr, Harness, Productboard.
Why do only some integrated systems support access levels?
Vanta is rolling out access levels gradually to our integrations in order to ensure the entitlement data being pulled from each integration is high quality.
How does Vanta get the list entitlements for a system?
Vanta gets the list of entitlements for a system by building a deduplicated list of the entitlements pulled from all the accounts fetched by the integration (including those fetched in the past but since deleted). For example, we might see that 5 accounts pulled from Slack have the “Member” entitlement and 2 accounts have the “Admin” entitlement; as a result, the list of entitlements for Slack would be “Admin” and “Member”.
A limitation of this approach is that if an entitlement was never actually assigned to an account, Vanta won’t know about it since it never appeared in the integration’s API fetches.
I’m trying to add an access level for an integrated system but an entitlement is missing. What should I do?
An entitlement might be missing because:
No accounts currently fetched from the integration have this entitlement. See above.
The system’s API doesn’t make entitlements available.
Vanta’s integration isn’t pulling the entitlement properly. Please leave us feedback here and we will look into fixing the issue.