Joiners, Movers, and Leavers (JML)

Complete and streamlined process for onboarding, transitioning and offboarding, enabled by advanced lifecycle management and seamless integrations.


The Challenges of Manual User and Authorisation Management

Manual processes for onboarding, transitioning and offboarding entail a significant risk for errors. Examples include improperly granted access rights or accounts remaining active after employees leave. These situations create substantial security risks and compliance issues with current privacy and information security standards.


Automation of User Lifecycle Processes Through Source Systems

HelloID automates the entire process, from onboarding at the time someone joins the organisation, to safely revoking rights during the offboarding of departing employees (or other users). Rights are automatically adjusted in case of interim job or role changes.

(cost) efficiency

  • Save time and money: Automate the granting, changing and revoking of access rights, freeing up IT staff to work on other tasks.
  • Faster onboarding: Reduce turnaround time during onboarding and job changes, enabling users to become and remain productive more quickly.
  • Automatic rights allocation: Assign access rights based on job roles, eliminating the need to evaluate access rights for each user individually.
  • Reduce license costs: Avoid unnecessary accumulation of license rights and save on licensing costs.


  • Prevent human errors: Avoid incorrect distribution of access rights and thereby reduce the likelihood of security incidents.
  • Revoke rights immediately: Automatically remove access rights for departing employees within 24 hours, ensuring accounts are not left active where they shouldn’t be.
  • Minimize the risk of unauthorised access: By assigning rights based on user roles, we prevent inappropriate rights being granted.
  • Prevent the accumulation of rights: Managing rights according to an individual’s role helps prevent users from accumulating excessive access rights.


  • Automatic reporting: With easily accessible and clear reports and audit trails, the preparation and execution of compliance audits will be more efficient and quicker.
  • ‘Least privilege’ principle: By relying on an automatic link between roles and necessary access rights, the organisation demonstrably complies with the ‘need to know’ principle.

How We Automate the User Lifecycle

Automating the identity lifecycle involves five steps, each of which can be set up using low-code or no-code solutions.

  1. Source system: Connect HelloID with source systems such as HR, SIS and/or scheduling systems. Changes in source data automatically become available in HelloID.
  2. People: Transform data about people/roles in source systems into a unified representation within HelloID, using an ‘identity vault’.
  3. Business Rules: Define which account types and access permissions should be assigned to different roles, and under which specific conditions.
  4. Target systems: Connect HelloID to on-premises and cloud-based applications. This can be done gradually for each application.
  5. Reporting and auditing: Configure standard and custom reports and monitoring functions for analysis and audits.

Frequently Asked Questions

Automatic onboarding and offboarding eliminate the need for manual steps. Based on alerts from an HR system, for example, HelloID ensures that user accounts and access rights are automatically created in a timely manner when a new employee joins your organisation. Similarly, during offboarding HelloID automatically revokes the account(s) and related permissions.

HelloID automates the creation, adjustment or removal of accounts and related permissions. This automation means these tasks no longer require manual handling, freeing up IT staff to dedicate their time to other tasks.

Yes, HelloID supports open integration standards and offers an extensive catalogue of connectors for a wide range of source and target systems, without need for modifications to those systems.

RBAC ensures a clear and definitive link between an individual’s role and the rights needed to perform that role effectively. This clarity in rights allocation through RBAC reduces the risk of mistakes and ensures appropriate access is granted.

Certainly, HelloID offers a wide array of standard logging and reporting options. Additionally, it allows for the configuration of bespoke reports tailored to specific customer needs.

The onboarding process can be set up so that on an individual’s first day, all necessary accounts and access rights are in place and activated. The new team member can start right away.

Any job or role change is recorded in the HR system (or another source system). HelloID detects this change and, based on the established business rules, automatically adjusts the associated rights and implements them in the underlying systems.