Hi there 👋, and welcome to the Lumos public roadmap! Modern technology companies use Lumos as a suite of products to manage all their vendors, apps and access in one platform. In this roadmap, you can find a list of features that we are planning to launch, and when they’ll be available. As of August 13, 2024 , this roadmap has also been updated to reflect what was released in H1 of this year, and our most up-to-date plans for H2!
Feature Status
General Availability (GA)Early AccessIn DevelopmentIn ConsiderationTimeline
| Period | Start Date | End Date |
|---|---|---|
| H1 | February 1, 2024 | July 31, 2024 |
| H2 | August 1, 2024 | January 31, 2025 |
<aside> 📐 Table of Contents
</aside>
| Feature | H2 Status |
|---|---|
| ‣ | |
| Configure multiple re-orderable steps as part of provisioning app or permission access. | ✅ Available Now |
| ‣ | |
| Configure Lumos in code to programmatically review changes, manage complex configurations, and revert to previous settings for enhanced control. | ✅ Available Now |
| ‣ | |
| Create a more seamless access request and authentication process for developers requesting cloud resources within Lumos | ✅ Available Now |
| ‣ | |
| Define multi-step deprovisioning workflows that will run when users time-based access expires. | GA |
| ‣ | |
| Support for Add to App (IdP), Remove from Group, Create Account actions in the AppStore, as well as the ability to wait for an employee to sign in for JIT access | GA |
| ‣ | |
| Present text descriptions to end users, providing the necessary context for users to know what they are requesting or approving. | Early Access |
| Task & Notification Improvements | |
| Upgrade the task center to display current and past tasks for both admins & end users, providing an overview of all access requests. | Early Access |
| Inactive Approver & App Admin Notifications | |
| Send a notification to Lumos admins if there are terminated employees and/or inactive groups set as approvers or app admins. | Early Access |
| Account Creation Workflows | |
| Configure advanced, multi-step workflows to create accounts in any application, including mapping from Identity or HRIS data to required field values. | Early Access |
| Requests for Removal | |
| Allow users to self service requests for removal | Early Access |
| Permission Packages | |
| Bundle together permissions to create common requestable packages for end users to request in one go. | In Development |
| AI-Enhanced Search | |
| Dramatically improve app and permission discovery in Lumos by enabling searches for competitors, tags, or access similar to peers. | In Development |
| Natural Language Access Requests | |
| Describe access needs in natural language, and let Lumos recommend the most appropriate permissions. | In Consideration |
| Microsoft Teams Support | |
| Integrate with Microsoft Teams and customize notifications more granularly. | In Consideration |
| Reusable AppStore Policies | |
| Manage your approval, escalation, ITSM logging policies at scale by leveraging app/permission labelling and custom attributes. | In Consideration |
| ServiceNow / Freshservice Requests | |
| Initiate access requests from ServiceNow / Freshservice, making Lumos a “headless” engine to automate approval & provisioning. | In Consideration |
| Segregation of Duties | |
| Identify and flag prohibited or risky permission combinations during access requests to prevent security and compliance issues. | In Consideration |
| Vendors x AppStore Integration | |
| Integrate your license data with the AppStore, surfacing license costs to your approvers. | In Consideration |
| Feature | H2 Status |
|---|---|
| ‣ | |
| Integrate AppStore with Access Reviews, displaying request history to easily identify and manage unapproved access. | ✅ Available Now |
| ‣ | |
| Detect differences from the last access review, including new entitlements, accounts, and roles, for better oversight. | ✅ Available Now |
| ‣ | |
| Categorize users and accounts with labels like privileged, service, and guest for focused and efficient access review processes. | ✅ Available Now |
| ‣ | |
| Lumos to auto-detect role anomalies enhancing reviewer decision-making. | ✅ Available Now |
| ‣ | |
| Implement a layered review process, allowing multiple reviewers to evaluate access permissions at different stages for more scrutiny. | GA |
| Role and Group Reviews | |
| Extend reviews to groups and roles (not just users), examining the entitlements they grant to ensure proper access control. | GA |
| Permission Descriptions | |
| Present detailed text descriptions of permissions to reviewers, providing the necessary context for them to understand and evaluate the access they are reviewing. | GA |
| Service Account Reviews | |
| Systematically review and manage access for non-human identities, such as service accounts, on a regular schedule. | GA |
| User Self-Reviews | |
| Enable users to self-review their access permissions regularly. | In Consideration |
| Role-Change Triggered Reviews | |
| Automatically initiate an access review when a role change occurs, allowing new managers to adjust employee access accordingly. | In Consideration |
| Access Reviews Policies | |
| Implement policies for automatic approval or denial of certain accounts, like birthright accounts, speeding up the review process. | In Consideration |
| SOD Policy Suggestions | |
| Lumos to provide pre-defined SOD rules and policies, identifying risky permission combinations effectively. | In Consideration |
| Access Review AI Risk Scoring | |
| Lumos to auto-detect high risk access and provide actionable suggestions, enhancing reviewer decision-making. | In Consideration |
| Enhanced Role Modification in Access Review | |
| Reviewers can modify user permissions through a comprehensive dropdown menu, assigning new downgraded permissions not previously held by the user. | In Consideration |
| Feature | H2 Status |
|---|---|
| ‣ | |
| Stage ****onboardings and/or offboardings to run at a specified time in the future. | ✅ Available Now |
| Suspend Users in Lumos for Offboarding | |
| Revoke users’s access to Lumos when running an offboarding. | ✅ Available Now |
| ‣ | |
| Leverage custom attributes (e.g. office location, employee type) to construct birthright rules. | ✅ Available Now |
| ‣ | |
| Configure policies to automate on-/offboarding workflows triggered by start/end dates or specific attributes within your HRIS. | ✅ Available Now |
| ‣ | |
| Gain a complete overview of future, current & past on-/offboarding activities across the company with breakglass capabilities. | ✅ Available Now |
| ‣ | |
| Configure “dynamic” fields such as transferring data to a manager, and run webhooks as part of your offboarding workflows. | GA |
| ‣ | |
| Configure notifications and workflows that will trigger upon “mover” events, such as employees changing roles. | Early Access |
| Audit-Friendly Logs | |
| Easily view the events that have occurred in Lumos for specific joiner, mover, and leaver events. | Early Access |
| AI-based Role Management | |
| Deploy an AI agent capable of proposing role adjustments, additions, and deletions, facilitating scalable RBAC management. | In Development |
| Trigger On-/Offboarding Off Employee’s Local Time Zone | |
| Kick off onboardings or offboardings to run a particular time based on the employee’s timezone custom attribute. | In Development |
| Manager-Led Onboarding | |
| Bring managers from your organization into onboarding, so that they can configure onboarding policies, oversee onboardings for their reports, & request additional access when needed. | In Consideration |
| Contractor Onboarding Forms | |
| Introduce flexible forms designed for onboarding contractors, supporting multi-step queries to add them to the right roles. | In Consideration |
| Onboarding Roles | |
| Create Roles that can be assigned ad-hoc or requested via the AppStore. | In Consideration |