When you use the Cyral ephemeral access (also known as just-in-time access) feature to grant users limited-time access to a data repository, that user's access will automatically expire after the period specified in the grant. An administrator can manually revoke access before the grant expires, if needed.
When the ephemeral access grant expires or is revoked, the user's current session, if any, will be disconnected immediately, and the user will have to request a new access grant in order to connect to the repository again.
You can manage ephemeral access grants (just-in-time grants) in the Cyral control plane UI by navigating to Repositories, clicking your repository's name, and selecting the User Grants tab.
Learn more: Set up ephemeral access for users