Back to Integrations

PagerDuty Integration

Connect TigerAccess with PagerDuty for incident-driven access control, on-call workflows, and real-time notifications.

View DocumentationRequest Demo
Features

Incident-Driven Access Control

Integrate privileged access with your incident response workflows.

On-Call Schedule Integration

Automatically sync PagerDuty on-call schedules with TigerAccess access policies. Engineers receive elevated permissions during their on-call shifts and have them automatically revoked when their shift ends, ensuring least-privilege access.

Incident-Triggered Access

Trigger automatic access provisioning when high-severity incidents are created in PagerDuty. Grant responders immediate access to production systems with time-bound certificates that expire when the incident is resolved.

Escalation Policy Integration

Route access requests through PagerDuty escalation policies to ensure the right approvers are notified based on severity, service ownership, and time of day. Leverage your existing incident response workflows for access approvals.

Break-Glass Access & Alerts

Monitor and alert on break-glass access events through PagerDuty. When emergency access is used, automatically create high-urgency incidents with full context, ensuring rapid response to potential security events.

Capabilities

Complete PagerDuty Integration

Incident webhook integration for real-time triggers
Bi-directional on-call schedule synchronization
Access request notifications to PagerDuty
Approval workflows via escalation policies
Automatic access provisioning on incident creation
Change event logging for audit trails
Service dependency mapping
Team and user synchronization
Break-glass access alerting
Session start/end notifications
Policy violation incident creation
Custom webhook actions and automations
Setup

Get Started in Minutes

Follow these simple steps to integrate TigerAccess with PagerDuty.

1

Create PagerDuty API Integration

Generate a PagerDuty REST API token and Events API v2 integration key for bidirectional communication between TigerAccess and PagerDuty.

# In PagerDuty Console:
# 1. Navigate to Integrations > API Access Keys
# 2. Create a new REST API Key with Read/Write permissions
# 3. Navigate to Services > Generic Events API V2
# 4. Create a new integration and copy the Integration Key
# 5. Note your PagerDuty subdomain (e.g., acme.pagerduty.com)
2

Configure TigerAccess Integration

Add the PagerDuty integration in TigerAccess with your API credentials and configure notification preferences, webhook endpoints, and schedule sync settings.

# Add PagerDuty integration
tacctl integrations add pagerduty \
  --api-token="<rest-api-token>" \
  --integration-key="<events-api-v2-key>" \
  --subdomain="acme" \
  --sync-schedules=true \
  --sync-teams=true \
  --webhook-url="https://tigeraccess.company.com/webhooks/pagerduty"

# Configure notification settings
tacctl integrations configure pagerduty \
  --notify-access-requests=true \
  --notify-break-glass=true \
  --notify-policy-violations=true \
  --create-incidents-for-approvals=true
3

Create Incident-Driven Access Policies

Define access policies that automatically grant permissions based on PagerDuty incidents, on-call status, and escalation policies.

# Grant access when high-urgency incidents are triggered
tacctl policy create incident-response \
  --trigger="pagerduty.incident.created" \
  --filter="urgency=high,service=production-database" \
  --grant-role="production-dba" \
  --duration="incident-lifetime" \
  --resources="database/postgres-prod-*"

# Grant permissions during on-call shifts
tacctl policy create oncall-access \
  --trigger="pagerduty.oncall.started" \
  --filter="schedule=primary-oncall" \
  --grant-role="production-engineer" \
  --duration="shift-lifetime" \
  --auto-revoke-on-shift-end=true

# Route access requests through escalation policy
tacctl policy create escalation-approval \
  --require-approval=true \
  --approval-method="pagerduty" \
  --escalation-policy="engineering-leads" \
  --timeout="30m"
Use Cases

Real-World Scenarios

Incident Response Access

Automatically grant production database and SSH access to on-call engineers when critical incidents are triggered. Access is provisioned within seconds with certificates scoped to incident-related resources, and automatically revoked when the incident is resolved or acknowledged.

On-Call Rotation Permissions

Dynamically adjust access permissions based on PagerDuty on-call schedules. Engineers automatically receive elevated production access during their on-call shifts across all systems, eliminating manual provisioning and ensuring they have the tools needed to respond to incidents.

Escalation-Based Approvals

Route sensitive access requests through PagerDuty escalation policies. When a developer requests production access, create a PagerDuty incident that escalates through your existing on-call rotations, ensuring requests are approved by the right people at the right time.

Break-Glass Monitoring

Monitor emergency access usage and automatically create high-priority PagerDuty incidents when break-glass access is invoked. Include full context about who accessed what systems, from where, and why, enabling rapid investigation and response to potential security incidents.

FAQ

Frequently Asked Questions

Can TigerAccess automatically grant access when incidents are triggered?

Yes. TigerAccess can automatically provision access when PagerDuty incidents are created. You can configure policies that trigger on specific incident parameters (urgency, service, severity) and grant time-bound certificates scoped to relevant resources. Access is automatically revoked when the incident is resolved or after a configured timeout.

How does the on-call schedule integration work?

TigerAccess syncs with PagerDuty on-call schedules in real-time. When an engineer goes on-call, they automatically receive elevated permissions defined in your access policies. When their shift ends, permissions are immediately revoked. This eliminates manual provisioning and ensures engineers always have the access they need during their rotation without maintaining standing privileges.

Can I use PagerDuty escalation policies for access approvals?

Absolutely. TigerAccess can create PagerDuty incidents for access requests and route them through your existing escalation policies. This ensures requests are approved by the right people based on service ownership, time of day, and escalation rules you have already configured in PagerDuty.

How are break-glass access events handled?

When emergency break-glass access is invoked in TigerAccess, a high-urgency incident is automatically created in PagerDuty with full context including who accessed what, from where, the stated reason, and session details. This enables your security team to immediately investigate and respond to potential security events.

What types of notifications can TigerAccess send to PagerDuty?

TigerAccess can send various events to PagerDuty including access requests (as incidents), access grants/revocations (as change events), break-glass access (as high-urgency incidents), policy violations, failed authentication attempts, and session recordings. You can configure which events trigger notifications and their severity levels.

Ready to Secure Your Infrastructure?

Join thousands of security-conscious teams using TigerAccess to protect their critical infrastructure and AI agents.

Start Free TrialContact Sales

No credit card required • 14-day free trial • Enterprise support available