This is automatically providing an Identity with access to a role, resource or service, or automatically changing or removing that access, based on the life cycle of events or work requests or changed attributes. For example; the first-day, second-day, on-going provisioning and last-day deprovisioning of the access rights of an employee.