When you log in to Safeguard for Privileged Passwords, you begin on the Home page. The Message of the Day displays on the right side. The rest of the Home page is tailored to your user rights and permissions. If you are authorized by an entitlement to request, approve, or review access requests, then your Home page gives you a quick view to the access request tasks that need your immediate attention.
You can turn Requests, Approvals, and Reviews widgets on or off in Settings (desktop client).
The Appliance Administrator sets the Message of the Day.
Requester's Home page view
Click the New Request tile to open the New Access Request dialog, which lists the assets and accounts you are authorized to access. From this dialog you specify the assets, accounts and the type of access you are requesting, and additional details about the request.
For more information, see:
Expand Requests to view the requests awaiting action.
For more information, see:
The Favorites pane (right pane) displays a list of requests you have marked as a favorite, providing a quick way to request access.
Favorites pane: Action bar buttons
Use the toolbar buttons at the top of the Favorites pane to manage your favorite requests:
- New Favorite: Select this button to create a new favorite request. Clicking this button displays the New Access Request dialog, allowing you to select the assets, accounts, type of access, and additional details about the request.
- Select this button to display additional options for managing your favorite requests:
- Request Selected
- Color Selected
- Remove Selected
TIP: Select the check box to the left of a favorite request to use these additional buttons. Selecting the request itself will launch the New Access Request dialog, allowing you to edit and submit the request.
Submit a favorite request
To submit a favorite request, click the request or select the check box to the left of a request and select Request Selected. The New Access Request dialog displays allowing you to edit your selections or enter a required reason or comment before submitting it.
For more information, see:
Approver's Home page view
Your job is to approve or deny the access requests listed on your Home page. Expand Approvals to view the requests awaiting your approval. As an approver user, unless you are also designated as a requester, you will see no favorites listed.
For more information, refer to these topics:
Reviewer's Home page view
Your job is to review completed access requests listed on your Home page. Expand Reviews to view the completed requests requiring your review. As a reviewer user, unless you are also designated as a requester, you will see no favorites listed.
For more information, refer to these topics:
One Identity Safeguard for Privileged Passwords provides a workflow engine that supports time restrictions, multiple approvers, reviewers, emergency access, and expiration of policy. It also includes the ability to input reason codes and integrate directly with ticketing systems.
In order for a request to progress through the workflow process, authorized users perform assigned tasks. These tasks are performed from the user's Home page in the desktop client or web client.
As a Safeguard for Privileged Passwords user, your Home page provides a quick view to the access request tasks that need your immediate attention. In addition, an Administrator can set up alerts to be sent to users when there are pending tasks needing attention. For more information, see Configuring alerts.
The access request tasks you see on your Home page depend on the rights and permissions you have been assigned by an entitlement's access request policies. For example:
-
Requesters see tasks related to submitting new access requests, as well as actions to be taken once a request has been approved (for example, viewing passwords, copying passwords, launching sessions, and checking in completed requests).
Requesters can also define favorite requests, which then appear on their Home page for subsequent use. This can be done from either the desktop client or web client:
- Approvers see tasks related to approving (or denying) and revoking access requests.
- Designated reviewers see tasks related to reviewing completed (checked in) access requests, including playing back a session if session recording is enabled.
Password release and session requests use a workflow engine; however, the actions taken on a session request are slightly different than those taken on a password release request. Therefore, we will cover each of these access request workflows separately:
All users are subscribed to the following email notifications; however, users will not receive email notifications unless they have been included in a policy as a requester (user), approver, or reviewer.
- Access Request Approved
- Access Request Denied
- Access Request Expired
- Access Request Pending Approval
- Access Request Revoked
- Password was Changed
- Review Needed
Toast notifications may also appear on your console when the desktop client application is not the active foreground application.