In the web client, expand the Security Policy Management section in the left navigation pane.
In the web client, expand the Security Policy Management section in the left navigation pane.
The Access Request Activity page allows Security Policy Administrators to review and manage access requests from a single location. Clicking one of the access request tiles on the page displays additional information about the access requests belonging to that category. In addition, you can review the request workflow, launch a live session, end a session, or revoke a specific request.
This dashboard is available to Safeguard for Privileged Passwords users assigned the following administrative permissions:
Auditor: Read-only view.
Security Policy: Full control.
Clicking any of the following tiles will open a dialog showing additional information. Click the button to customize the tiles that are displayed.
Open Requests: Displays a list of all currently opened access requests, including session requests and password release requests.
Pending Approval: Displays a list of access requests to be approved.
Pending Review: Displays a list of access requests to be reviewed.
Open Sessions: Displays a list of all currently opened sessions.
Passwords Out: Displays a list of all password release requests that are currently checked out.
SSH Keys Out: Displays a list of all SSH key release requests that are currently checked out.
API Keys Out: Displays a list of all API key release requests that are currently checked out.
After opening one of the tiles, use the toolbar at the top of the details grid to perform the following tasks.
View Details: Select to view additional information regarding the request.
Request Workflow Details: Select to review the transactions that took place in the selected request. Clicking this button displays the Request Workflow dialog allowing you to audit the transactions that occurred during the request's workflow from request to approval to review.
Session Audit Log in SPS: Click this button to open the session audit log in SPS.
View Live Session: Select to view a live session for the selected session request. Clicking this button launches the Desktop Player (minimum version supported is 1.11.15) allowing you to follow an active session.
For details on using the Desktop Player, go to One Identity Safeguard for Privileged Sessions - Technical Documentation. Scroll to User Guide and click One Identity SPS [version] Safeguard Desktop Player User Guide.
Terminate Live Session: Select to close the live session for the selected session request.
Close Request: Select to retract the selected access request.
Export: Select to create a .csv or .json file of the currently displayed access request grid and save it to a location of your choice. The time is set according to the user time zone.
Columns: Select to display a list of columns that can be displayed in the grid. Select the check box for data to be included in the grid. Clear the check box for data to be excluded from the grid.
A Safeguard for Privileged Passwords account group is a set of accounts which you can add to the scope of an access request policy. For more information, see Creating an access request policy.
The Auditor and the Security Policy Administrator have permission to access Account Groups.
To access Account Groups, in the web client, navigate to Security Policy Management > Account Groups.
The Account Groups view displays the following information about the selected account group.
Properties tab (account group): Displays general information about the selected account group.
Accounts tab (account group): Displays the accounts associated with the selected account group.
Access Request Policies tab (account group): Displays the entitlements and access request policies associated with the selected account group.
History tab (account group): Displays the details of each operation that has affected the selected account group.
Use these toolbar buttons to manage account groups.
Account Group: Add account groups to Safeguard for Privileged Passwords. For more information, see Adding an account group..
Account Dynamic Group: Add dynamic account groups to Safeguard for Privileged Passwords. For more information, see Adding a dynamic account group..
Delete: Remove the selected account group from Safeguard for Privileged Passwords. For more information, see Deleting an account group..
View Details: Used to display information and configuration options for the selected account group.
Export: Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data.
Refresh: Update the list of account groups.
Search: You can search by a character string or by a selected attribute with conditions you enter. To search by a selected attribute click Search and select an attribute to search. For more information, see Search box.
The Properties tab lists information about the selected Account Group.
To access Properties:
Property | Description |
---|---|
Name |
The selected account group's name |
Description |
Information about the selected account group |
Account Rules |
For dynamic account groups, a summary of the asset account rules defined |
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center