Infrastructure today moves fast. CI/CD pipelines deploy code automatically, Kubernetes workloads spin up in seconds, and automation scripts operate 24/7.
Yet many organizations are still managing access for non-human identities the same way they manage people: with manually created accounts.
As environments scale, this creates operational overhead, governance challenges, and unnecessary security risk.
The latest release of PrivX PAM introduces capabilities designed to simplify machine identity management, strengthen security, and give greater flexibility in managing privileged access.
Eliminating the Service Account Burden
A major challenge facing security teams is the explosion of machine identities. GitLab runners, API clients, automation scripts, and cloud workloads often require individual accounts and permissions, creating significant administrative effort.
PrivX PAM now addresses this better than ever with ephemeral user directories.
Rather than creating and maintaining hundreds of service accounts, organizations can trust an external identity provider. When a script or API client presents a valid JWT from that provider, PrivX automatically creates a temporary user, assigns appropriate roles, and removes the identity when it is no longer needed.
For teams running GitLab CI/CD pipelines or Kubernetes environments, this dramatically reduces identity sprawl while ensuring tight access control.
The result: simpler administration, faster onboarding of automation workflows, and a more scalable approach.
Making Federated Access Management Easier
Many organizations rely on identity providers like Okta or Microsoft to authenticate users. However, federated users often face limitations compared to locally managed accounts.
PrivX has closed those gaps by allowing OIDC-authenticated users to request role approvals directly through the UI. User records can also be retained for a configurable period after logout, improving visibility for audit reviews. Additional enhancements include support for API proxy credentials and authorized SSH keys for OIDC-sourced identities.
Together, these make it easier to extend privileged access workflows to users who authenticate through existing enterprise identity systems.
Strengthening Security for File Transfer Workflows
To inspect files for malware and data leakage before uploads and downloads are completed, organizations increasingly use ICAP integrations. As these move to the cloud, encrypted communication becomes essential.
With the introduction of TLS support for ICAP connections, PrivX now enables secure communication with external scanning services. Administrators can configure trusted certificates and, where required, support self-signed certificates.
This ensures file inspection workflows remain secure in cloud and hybrid environments without adding operational complexity.
Delegating Access Management, Maintaining Control
Many organizations struggle to balance centralized governance with local flexibility. They want consistent controls, while individual business units need the ability to manage access within their environments.
Now, a new access role permission allows delegated role management within specific groups. Administrators can create and manage roles within their assigned scope without gaining broader permissions. This enables teams to operate independently while maintaining governance boundaries, reducing the burden on central administrators.
For companies with multiple teams, business units, or internal workflows, this provides a practical way to scale access management.
For fast-growing organizations, this release introduces an optional Nginx bypass configuration to reduce latency in high-throughput environments where internal traffic volumes create bottlenecks.
Intended for advanced deployments, it provides an additional optimization path for customers pushing the limits of performance.
Securing the Future of Privileged Access
As organizations adopt more automation, cloud-native infrastructure, and machine-driven workflows, PrivX PAM helps them reduce the complexity of managing machine identities, improve federated access workflows, strengthen security controls, and scale governance effectively.
The result: a simpler, more secure approach to privileged access—built for both humans and machines.
