One Identity Safeguard for Privileged Passwords provides a workflow engine that supports time restrictions, multiple approvers, reviewers, emergency access, and expiration of policy. It also includes the ability to input reason codes and integrate directly with ticketing systems.
In order for a request to progress through the workflow process, authorized users perform "assigned" tasks. These tasks are performed from the user's Home page in the desktop client or web client.
As a Safeguard for Privileged Passwords user, your Home page provides a quick view to the access request tasks that need your immediate attention. In addition, Safeguard for Privileged Passwords can be configured to alert you when you have pending tasks awaiting your attention. For more information, see Configuring alerts.
The access request tasks you see on your Home page depend on the rights and permissions you have been assigned by an entitlement's access request policies. For example:
Designated "requesters" see tasks related to submitting new access requests, as well as actions to be taken once a request has been approved (for example, viewing passwords, copying passwords, launching sessions and checking in completed requests).
Requesters can also define favorite requests, which then appear on their Home page for subsequent use. For more information, see Creating, editing, or removing a favorite request.
Password release requests and session requests use the same workflow engine; however, the actions taken on a session request are slightly different than those taken on a password release request. Therefore, we will cover each of these access request workflows separately:
If designated as a requester, Safeguard for Privileged Passwords allows you to add an access request as a Favorite to your Home page. Favorites are unique for the user; they are available when you log into the desktop client or the web client.
You can create a favorite request from your Favorites pane on your Home page or from the New Access Request dialog when creating or editing an access request.
To create a favorite request from your Home page
In the New Access Request dialog, specify the assets, accounts, and type of asset to be included in the access request.
On the Account & Access Type tab, select the accounts to be included in the access request and the type of access being requested for each selected account.
In the Add to Favorites dialog, specify the following:
Name: Enter a name for the request.
Required
Click Add.
The dialogs will close and the new favorite will be added to the Favorites pane on your Home page.
To create a favorite request from the New Access Request dialog
At the bottom of the New Access Request dialog, click the Add to Favorites button when you are creating a new request. The Add to Favorites button is enabled when you have selected the minimum required information (that is, at least one asset, account, and an access type) for the access request.
In the Add to Favorites dialog, specify the following:
Name: Enter a name for the request.
Required
To change a favorite request's icon color
Select the check box to the left of the favorite request to be changed. Selecting a favorite request, instead of the check box, displays the New Access Request dialog to edit and submit the access request.
In the Settings dialog, choose a color and select OK.
The icon for the favorite now appears in the color you selected.
At the top of the Favorites pane, click the button to display the Remove Selected button.
Select the check box to the left of the favorite request to be removed. Selecting a favorite request, instead of the check box, displays the New Access Request dialog to edit and submit the access request.
All users are subscribed to the following email notifications; however, users will not receive email notifications unless they have been included in a policy as a requester (user), approver, or reviewer.
There are two ways to configure One Identity Safeguard for Privileged Passwords to send event alerts to Safeguard for Privileged Passwords users:
Notification | Description |
---|---|
Toast notifications |
Configure alerts that appear on your console when the desktop client application is not the active foreground application. |
Email notifications |
Configure email notifications. |
Toast notifications are alerts that appear on your console when the desktop client application is not the active foreground application; for example, when you are in another application or when you have minimized the One Identity Safeguard for Privileged Passwords desktop client.
To enable toast notifications
|
Note: When you select the Run in the System Tray check box, you cannot modify the toast notifications option because in that mode, you always get notifications. |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy