Privileged Identity Management Manager & Visualizer
PIM Manager is a specialized tool designed to simplify, visualize, and manage Microsoft Entra ID Privileged Identity Management (PIM) assignments and configurations.
Managing Privileged Access in complex environments is challenging.
Functional Benefits:
- Visual Clarity: See who has access to what, instantly.
- Governance Focused: Built for admins who need to prove compliance and control.
Architectural Philosophy:
- Client-Side Architecture: PIM Manager runs entirely in your browser. No data is stored on our servers. Your tokens and data stay within your session.
- Direct Graph API Integration: We leverage the official Microsoft Graph API for all operations, ensuring reliability and security.
- Governance First: Built for admins who need to prove compliance, offering visualization and reporting capabilities missing from the native tools.
- Secure by Design: Zero Trust principles applied at the core. PIM Manager runs entirely client-side, storing no data on our servers and strictly adhering to the Principle of Least Privilege.
- Unified Governance: View and manage all your privileged assignments (Directory, Groups, Resources) in a single, consolidated view.
- Visual Reporting: Instantly visualize role distribution and assignment types (Eligible vs. Active) to identify security risks.
- Security & Trust: Open Source and client-side executed for maximum transparency and trust.
See CHANGELOG.md for the latest features, improvements, and security updates.
Comprehensive documentation is available in the docs/ directory.
- Architecture - Deep dive into the client-side design.
- Data Flow - How we fetch and process Graph data.
- Security Model - Authentication, authorization, and data protection.
- Key Concepts - PIM terminology and technical concepts.
PIM Manager's architecture, security model, and zero-trust principles were designed by Joël Prins. Generative AI was used to assist in the coding and research of this project. Every file, function, and logic block has been verified, sanitized, and approved by a human engineer to ensure security and reliability.
For details on how we process data, see Data Flow.
This project is licensed under the GNU General Public License v3.0. See the LICENSE file for details.
