Time-limited roles give users the defined role during the defined time period.

Assigning the time-limited roles ensures users have elevated access only when needed, without requiring manual revocation. When you assign a time-limited role to a user, you specify a start and end date. The system automatically activates the role at the start date and removes it when the end date passes, eliminating the need for manual access cleanup.

Supported roles and limits

Time-limited roles enhance security by automatically reducing privileges when no longer needed, support compliance through time-bound access policies, and improve efficiency by eliminating manual tracking and revocation. The following table provides information about the available time-limited roles and limits:

Table 1. Configuration information and limits of time-limited role

Supported Roles	Assignment Rules
admin snc_read_only impersonator	Maximum of three concurrent time-limited roles per user can be assigned Time-limited role can be maximum of 5 days per user. Time-limited assignments can handle more than one role assignment to a user, even if the total duration across assignments is less than five days.