Break-Glass Access

curl -X POST https://cp.gosentrix.io/api/v1/tenants/{id}/break-glass/initiate \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -d '{
    "reason": "SSO provider outage preventing access",
    "duration_minutes": 60
  }'

Break-glass access provides emergency administrative access when normal authentication methods are unavailable.

When to Use

Break-glass access should only be used in emergency situations:

Account lockout preventing critical operations
MFA device loss with no recovery codes
SSO provider outage
Security incident requiring immediate access

How It Works

Initiate Break-Glass

curl -X POST https://cp.gosentrix.io/api/v1/tenants/{id}/break-glass/initiate \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -d '{
    "reason": "SSO provider outage preventing access",
    "duration_minutes": 60
  }'

Approval Required

Break-glass requests require approval from designated approvers.

Temporary Access

Once approved, temporary elevated access is granted.

Security Controls

All break-glass sessions are logged
Time-limited access (default: 1 hour)
Requires explicit reason
Audit trail maintained
Alerts sent to security team

Best Practices

Use only in true emergencies
Document reason clearly
Revoke immediately after use
Review break-glass logs regularly

Break-glass access bypasses normal security controls. Use with extreme caution.

Webhooks Error Codes

⌘I

Get Started

Authentication API

Control Plane API

Guides

Reference

Concepts

Operations

Webhooks

Compliance

Break-Glass Access

When to Use

How It Works

Security Controls

Best Practices

Get Started

Authentication API

Control Plane API

Guides

Reference

Concepts

Operations

Webhooks

Compliance

​When to Use

​How It Works

​Security Controls

​Best Practices

When to Use

How It Works

Security Controls

Best Practices