Methods and systems are provided to allow users that are authenticated by a trusted external service to gain controlled levels of access to selected local computing resources without requiring the user to also have conventional access control capabilities for the resources.