Explore Products
Built for MSPs managing Microsoft Entra across multiple clients

Turn identity control into a service your clients will pay for.

JML360 standardises approvals, stops offboarding failures, and gives you audit-ready evidence across every Microsoft Entra tenant without slowing your engineers down.

Most MSPs only discover identity failures when a client or auditor finds them first.

  • Stop incomplete offboarding before it becomes an escalation call
  • Standardise identity control across every client you manage
  • Produce decision evidence instantly for audits and client reviews
  • Package governed identity operations as a premium managed service
See How It Works Watch the Platform Book JML360 Demo
Fewer offboarding gaps and escalation calls
Consistent identity control across clients
Audit-ready evidence on every decision
Built for multi-tenant Microsoft MSPs
Who It’s For

Built for MSPs managing Microsoft Entra environments across multiple clients.

  • MSPs standardising joiner, mover, and leaver workflows across multiple tenants
  • Teams who need faster onboarding and safer offboarding without adding manual friction
  • Providers who want audit-ready decision evidence without hunting through tickets and logs
  • Operators looking to turn identity governance into a higher-trust managed service
In Practice

What controlled identity execution looks like in the real world.

1

A starter or leaver request comes in

From HR, a PSA workflow, an API, or a manual process

2

JML360 checks policy before anything runs

Tenant scope, role access, and workflow rules are evaluated up front

3

The right approver is routed in

Approval follows tenant rules instead of whichever engineer happened to pick up the task

4

Execution happens in Microsoft Entra

Only after approval, with the full decision trail recorded automatically

Your engineers still move fast. Your clients get controlled outcomes.

The Problem

Identity automation gets blamed late.
Usually after the client feels the risk.

Most MSPs do not have a control layer between a request and privileged execution.

That means the first real signal is often a live client issue, a failed audit trail, or a privileged account that should have been removed already.

Leavers keep access

Offboarding misses are noticed by clients, auditors, or incidents rather than by the workflow itself.

Approvals drift by client

Each tenant ends up with a slightly different process, which means more exceptions, more confusion, and more tickets.

Automation scales mistakes too

A bad template or over-broad permission can spread across tenants faster than your team can catch it.

Evidence lives everywhere

Your team has to reconstruct what happened from disconnected tools instead of pulling one clear decision record.

Automation is not the issue.
Uncontrolled execution is.

Familiar Scenarios

These are not edge cases. They are what MSPs live with when identity changes run without consistent control.

The “still active after offboarding” call

A leaver workflow fails silently. Access remains live. The client finds out before your process does.

The template that was too generous

A joiner template grants broader access than intended and gets repeated across multiple tenants before anyone stops it.

The audit question nobody can answer cleanly

The change happened, but your team still has to piece together who approved it, what executed, and why it was allowed.

What JML360 Is

Not another automation tool.
A control layer between request and execution.

JML360 sits between identity intent and Microsoft Entra execution so your existing automations, scripts, and workflows can keep moving without bypassing approval, policy, or audit.

Automation vs Control

Automation makes identity work faster.
JML360 makes it safer, more standardised, and easier to sell.

Standard Automation Tools JML360
Run the requested change Check whether the change should run at all
Rely on workflow logic alone Enforce policy, scope, and tenant-specific approval rules
Scale errors quickly Stop incorrect changes before they spread across clients
Leave audit evidence scattered Provide one clear decision trail for engineers, clients, and auditors
Improves internal speed Improves delivery margin and creates a client-facing control service
How It Works

Five steps. No exceptions.

1

Request

A joiner, mover, or leaver request is submitted from HR, API, or a managed workflow.

Everything starts from intent, not from direct privileged action.

2

Policy

JML360 evaluates tenant rules, access scope, and the controls attached to that request.

Bad or out-of-policy changes are stopped before they become tickets or incidents.

3

Approval

The right approver is routed in based on client context and governance requirements.

Approval becomes part of the system, not a side conversation.

4

Execution

Changes are executed in Microsoft Entra only after approval has been captured.

Your team keeps automation speed without sacrificing control.

5

Audit

Every action and decision is recorded with full traceability.

The evidence is ready when a client, auditor, or engineer asks for it.

JML360 Run Map showing submission, policy checks, approval, execution, and audit stages
Monetisable Control

Turn identity governance into a billable service.

This is not just about reducing risk internally. JML360 gives MSPs a clear control layer they can package, defend, and sell to clients who care about trust, audits, and operational maturity.

Add a premium governance tier

Give regulated or security-conscious clients a reason to buy more than basic automation.

Prove control during audits

Show decision evidence without extra project work, spreadsheet chasing, or engineer reconstruction.

Differentiate from MSPs who only automate

Sell safer, more accountable identity operations instead of competing on commodity execution.

Increase margin without extra headcount

Standardise controls once, then apply them across tenants without adding more manual review work.

Microsoft Entra

Designed specifically for Microsoft Entra environments and multi-tenant MSP operations.

JML360 is built around how identity work actually happens in MSP environments: many tenants, frequent changes, existing automation, and real commercial pressure to stay fast without exposing clients to avoidable risk.

It works alongside the tools your team already uses, adding control without forcing you to replace your stack.

  • Microsoft Entra ID
  • HR systems such as BambooHR and Workday
  • Automation platforms, scripts, and APIs
  • Ticketing and ITSM workflows
Platform Reality

This is the layer that lets MSPs prove control instead of just claiming it.

The JML360 dashboard gives your team a live view across tenants: execution activity, approval queues, client risk posture, and full run traceability in one place.

JML360 Dashboard showing MSP execution activity, approval queues, and client risk overview
About CooperBox

Built after seeing identity automation fail in real MSP environments.

JML360 is built by Cristian Bogdan, a cybersecurity and identity architect working on automation and Microsoft environments where execution speed is valuable, but uncontrolled execution becomes a liability fast.

Follow CooperBox on LinkedIn

CooperBox builds control layers for operations that are too important to leave to blind execution. JML360 was shaped by a simple premise: automation should reduce work for MSPs, not increase their liability.

We are working with a limited number of MSPs to shape how governed identity execution should work in live environments.

  • Built by Cristian Bogdan at CooperBox
  • Designed for MSP-scale multi-tenant operations
  • Fail-closed control model with deterministic outcomes
  • Current design partner intake is intentionally limited
Next Step

See how controlled identity operations can become a service your clients trust.

Choose the next step that matches your level of intent. Watch the platform, talk to us directly, or join the design partner program.

See How It Works Talk to Us Join Design Partner Program