Platform

Automation Hub

Modern identity management is too complex for manual effort. Define standardized operational procedures that trigger automatically from lifecycle events, sign-in activity, and environment changes.

Event-Driven Operations

Our low-code workflow engine allows you to connect any identity event to a sequence of secure actions. Whether it's auto-provisioning a new user based on role attributes or revoking access when a security alert is triggered, Custodeum handles the execution.

Built-in guardrails ensure that automation never runs out of control, with mandatory approvals for sensitive actions and full dry-run capabilities.

Trigger
Condition
Action

When a user is marked as a leaver, check for high-risk accounts, revoke access, and notify Security Operations automatically.

Event Triggers

React to changes across your environment in real-time, from identity lifecycle events to Okta and Entra sign-in activity.

  • JML lifecycle events
  • App sign-in targeting
  • Group membership changes
Workflow Builder

Build complex, cross-system operational chains with a low-code interface designed for identity engineers.

  • Conditional branching
  • Multi-system actions
  • Approvals in-flight
Least-Privilege Actions

Perform downstream system changes using service accounts with precisely scoped permissions.

  • API-based remediation
  • Scoped service accounts
  • Credential rotation integration
Operational Dashboards

Monitor the health and performance of your automated workflows with real-time telemetry.

  • Success rate tracking
  • Latency monitoring
  • Error state debugging

Guided Workflows

Visual, versioned playbooks for support and operations: question steps, connector lookups, ticketing, approvals, and branching. Run in the User Portal, support console, and Microsoft Teams. Test before publish; export branch maps for stakeholder review.

Trigger
Condition
Action

When a user is marked as a leaver, check for high-risk accounts, revoke access, and notify Security Operations automatically.

Microsoft 365 & Exchange Actions

When Exchange is connected, Automation Hub exposes mailbox, Teams telephony, SharePoint, and OneDrive operations, governed and auditable, and ticket-gated.

  • Same catalog as support console
  • Available in Guided Workflows
  • Queued on O365 agent
App Sign-In Targeting

Trigger automations from Okta and Entra sign-in activity to right-size access based on actual usage patterns.

  • Usage-based automation
  • Inactivity-driven actions
  • Least-privilege enforcement

Standardize Your Identity Lifecycle

Consistency is the key to identity security. Template-driven provisioning, portal self-service, and time-limited accounts are available today. See our Lifecycle & Provisioning solution for the full picture.

1
Templates
Admin-defined provisioning
2
Self-service
Portal and Teams requests
3
Time-limited
Automatic expiry actions
4
Audit
Full execution history

Explore Lifecycle & Provisioning, IT Support Ops, and governance post-review actions.