A method, apparatus and program-product are provided for managing user access to a converged set of entitlement resources residing within an entitlement resource repository. Each of the entitlement resources is marked with an entitlement identifier. When a requester attempts to access an entitlement resource, an authentication token corresponding to the requester is sent to one or more entitlement authorities associated with the entitlement resource. The entitlement authority creates a set of entitlement identifiers associated with the requestor. This set of entitlement identifiers associated with the requestor is then compared with the entitlement identifiers associated with the entitlement resource to determine if the requestor has authority to access the entitlement resource.