Least privilege is the modern PAM approach that allows certain privileges for specific purposes. Each user gets just the permissions they need to do their job, and they cannot access servers, applications and files outside their scope. This principle is the opposite of standing privileges, which are available at any time. Least privilege reduces the attack surface by minimizing the time privileges are used.
You can support least privilege practices through just-in-time privileged access management (JIT PAM). The name comes from the idea that the user gets elevated privileges just at the time they're needed and for the least amount of time necessary. In this system, users must request access to more permissions. If you approve a request, the user will get just enough privilege to complete the tasks at hand. When the user is done, their elevated permissions identity will be disabled or deleted.
Another approach to just-in-time administration for secure access management is zero standing privilege (ZSP), where all users must request elevated permissions because no standing privilege accounts exist.