The following describes how to perform four-eyes authorization on One Identity Safeguard for Privileged Sessions (SPS).

To perform four-eyes authorization on SPS

  1. When a user initiates a connection from a client and four-eyes authorization is required for the connection, SPS will pause the connection.

    NOTE: Four-eyes authorization can be set separately for every channel. However, if a client of an existing connection opens a new channel that requires four-eyes authorization, every channel is paused until the authorization is completed.

  2. Login to SPS, and select Four-Eyes from the main menu. The list of connections waiting for authorization will be displayed.

    Figure 68: Four-Eyes — Performing four-eyes authorization

    NOTE: Only those connections will be listed, where your usergroup has the Authorize or the Follow&Authorize permissions. No other SPS privilege is required to access this page.

  3. Select the connection and click Accept to enable the connection, Reject to deny the connection, or Accept&Follow to enable it and monitor in real-time.

    NOTE: Following a session requires the following:

    • The Record audit trail option must be enabled for the specific channel in the Channel policy of the connection.

    • The Audit Player application must be installed on the computer of the auditor.

    • If the Audit policy of the connection uses encryption, the appropriate decryption keys must be available on the computer of the auditor.

    The Safeguard Desktop Player application replays the live streams in live mode. For details on how to monitor a connection in real-time using the Safeguard Desktop Player, see Replaying audit files in follow mode in the Safeguard Desktop Player User Guide.

  4. Enter a note why the connection was accepted/rejected into the appearing dialog box. This description will be stored in the connection database together with other metadata about the connection.

    Figure 69: Describing why a connection was accepted/rejected

  5. If you have to terminate an ongoing connection for some reason, select Pending Connections > Active Connections from the main menu. The list of ongoing connections will be displayed.

    Figure 70: Pending Connections > Active Connections — Displaying active connections

  6. Select the connection to stop, and click Terminate.

    NOTE: When following a connection in the Safeguard Desktop Player application, the auditor can also terminate the connection from the Audit Player by clicking Terminate.

    Figure 71: Terminating a connection in Safeguard Desktop Player