Access management for growing teams

Did they actually lose access when they left?

Track access to software, legacy systems, physical keys, and hardware in a single source of truth. Built for SMBs to close the offboarding gap and generate audit-ready trails.

Free 30-day sandbox for your team — migrate when ready

Why Permission Report

Everything you need to prove exactly who has access to what.

Software permissions and physical equipment, one auditable workflow. Built for teams of 10 to 500 — after spreadsheets break, before you need an enterprise IGA.

One catalog for software and hardware

Salesforce, AWS, GitHub, and Adobe live right alongside MacBooks, monitors, master keys, and security badges — tracked and requested through the exact same workflow.

Offboarding that never misses a thing

Flip a staff member to Terminated and Permission Report fans out a revocation request for every permission they hold and a return request for every asset they were issued — each routed to the right manager.

Every change, signed and on the record

Each grant, revocation, assignment, and admin override is captured with who did it, when, and a required written sign-off. Nothing is ever hard-deleted — exactly the evidence your next audit asks for.

Standardize access with role templates

Bundle the permissions a role needs — a "Customer Success Rep" gets Salesforce, Zendesk, Slack, and Notion at once. Change a template later and preview who is affected first. No silent retroactive grants.

How it works

Three steps to provable access control

No complex API integrations. Just clear accountability at every step.

1 Step 1

Set up roles and owners

Assign day-to-day managers to specific software and physical equipment. Bundle access into role templates or group by projects. Stop tracking access in spreadsheets.

Customer Success Template

4 included
  • SSalesforce
  • SSlack
  • ZZendesk
  • OOffice Keys
2 Step 2

One flip routes everything

When someone leaves, flip their status to Terminated. Permission Report instantly routes revocation and return requests to every manager responsible for their assets.

Sarah Connor

Terminated

IT Dept

Revoke Salesforce, Slack

Facilities

Return office keys, laptop

3 Step 3

Humans sign off

Managers confirm access removal with a signed note — called an attestation. Every action creates an immutable, timestamped audit log. Your audit evidence is generated automatically.

Audit log

Immutable

Salesforce access revoked

Today · Attested by Jane Smith

“Account disabled in admin panel.”

Radically simple, transparent pricing.

Start with a free 30-day sandbox

$3 per employee
/ month
  • Unlimited tracking across software, legacy systems, physical keys, and hardware.
  • Practical tools: role templates, manager-routed requests, and signed attestations — no API integrations to maintain.
  • Immutable audit ledger to generate instant evidence for your next audit.
  • An isolated 30-day sandbox to test safely — migrate to production when ready.
Start your Zero-Risk Sandbox

Questions, or want a demo? Talk to us

Stop guessing who has access to your data.

Spin up a free 30-day sandbox today — add as many employees as you like, with no emails sent to your team — and see how automated offboarding actually feels.