MIRA - User Access Governance 

Simplify the management of access


Many organizations have to manage a large number of identities and access rights. As a modern user access governance solution (UAG), MIRA does this efficiently and ensures compliance with regulatory and policy requirements.

KeyIdentity MIRA: New user access model

Most existing UAG tools do not provide the clear and simple answer to WHY someone has access. An answer to this question can only be provided on all layers of the business if there is a standard and intuitive user access model. MIRA is a user friendly, innovative UAG tool which will help you to enforce a scalable UAG operating model, which is cost efficient across multiple data and application technologies. It will help you enable your business and focus on your key tasks. KeyIdentity MIRA brings a new semantic approach to the question WHY a person has access.

The rationale for having an access is embedded in the access itself, by answering three questions for business users in a technology agnostic way:

Who is to receive access? (Identity)

✓ What does a user need to receive access to? (Role)

✓ Where can this access be used? (Team)

and by providing a technology specific view for asset and data owners:

✓ How can an user access an asset? (Assets/Entitlements)

KeyIdentity MIRA enables the right people to make decisions in their scope of excellence, removing overwhelming and burdensome tasks!

MIRA User Access Model

A role is defined once by combining a set of activities. For example the developer role may include the activities of writing code, testing code and deploying code. Activities are understandable at all levels because they are defined in the context of the business. These activities are linked with technical entitlements. In the developer example, this would correspond with commit permissions in gitlab (Asset). In addition, there is the concept of a team which can be formal or virtual. The team defines the set of assets available to a role within the team. The role combined with the team results in the provisioning operation for the user with the access rights for the correct assets. The developer role in this example is used for all developers in the organization. The activities for all developers are the same. In this example, being a developer in team “Web” or team “Mobile” results in a different set of assets and entitlements available to the team and a different set of accesses is provisioned for the user, depending on the team.



The reason for having an access is embedded in the access itself (people need access because they perform a defined activity in a specific context) and is transparent at all times.


Each element of the user access model only needs to be defined once. Roles, Tasks and Activities are centrally managed and propagate dynamically to all accesses. The different scopes of the user access model can be managed by the corresponding part of the organization. Adding more assets, users or roles does not add complexity.


Within companies, people naturally work in different teams. These can be formal or virtual. Managing access around teams instead of fixed organizational structures enables true agility. A role is always associated with a team and dynamically gives the activities of the role an asset scope.


A single model separating business roles from technology implementation can be implemented by a single set of processes, enabling high levels of automation across all areas of Identity- and Access Management (IAM) with confidence.

With KeyIdentity MIRA you achieve security, manageability, agility and sustainability by:


  • Enabling the granting of minimum access on a need to know basis and segregation of duties within the business and its processes.
  • Enabling users to easily understand and manage accesses needed to achieve the desired outcomes.
  • Enabling the enterprise to be truly agile without fear of changes in the organization, processes and IT having a detrimental effect on the IAM.
  • Enabling easy implementation and operation.

KeyIdentity MIRA improves your flexibility and agility. MIRA supports the natural workflow in an organization which is structured around projects and teams independently of the HR business title a user has. In addition, the separation of managing technical entitlements from managing roles and activities results in the flexibility to change the technology stack without the need to change the roles. Your users will be able to easily understand and manage accesses, making it easy to perform their IAM responsibilities and achieve the desired outcomes. You will enable your organization to evolve and grow and continuously improve your structure, processes and IT without losing confidence in your compliance.

Live demo
Convince yourself and request a live demo via  mira(at)  or  +49 6151 86086 - 277.
KeyIdentity MIRA


  • Innovative and user friendly User Access Governance
  • Fully automated provisioning and decommissioning of user access
  • Intuitive, self-service process
  • All user access configured with four-eye approval
  • Definition and prevention of toxic combinations in user access
  • Variance report (closed-loop) - comparison of actual and target access rights
  • Fast and easy regular recertification of access rights



MIRA User Access Governance

Everything about MIRA at one glance!

 Download the datasheet

Your contact


Rainer Endres, Head of Product Management

Rainer Endres

Head of Product Management

Are you ready to bring access governance to a whole new level?  

Let's talk!

+49 6151 86086 0