The toolbar at the top of the views (except for the Toolbox and Settings), contain these options, depending on your Administrator permissions and the administrative tool you are in.
These buttons are available:
- Apply to apply the changes and keep the dialog open
- OK to apply the changes and close the dialog.
- Cancel to ignore any changes made, if any, and close the dialog.
Toolbar options include the following.
Add: Add objects to the Safeguard for Privileged Passwords appliance.
Delete: Remove objects from the appliance.
-
Refresh the screen.
NOTE: Whenever you add, modify, or delete an object in Administrative Tools, the changes you make cannot be seen by other administrators running Safeguard for Privileged Passwords on other clients unless they click Refresh.
Import : Only available for Accounts, Assets, and Users. Add a set of objects from a .csv file. For more information, see Importing objects.
User Security: Only available for Users. Menu options include Set Password and Unlock accounts. For more information about these options, refer to Setting a local user's password and Unlocking a user's account.
- Account Security: Only available for Accounts. Menu options include: Set Password, Check Password, and Change Password. For more information, see Checking, changing, or setting an account password.
Permissions: Only available for Users. Set administrator permissions for users. For more information, see Administrator permissions.
Set as Default: Only available for Partitions. Set a partition as the default. For more information, see Setting a default partition and Setting a default partition profile.
Download SSH Key: Only available for Assets. Add the SSH Key to the selected asset. For more information, see Downloading a public SSH key.
Password Archive: Only available for Accounts. Display the password history for the selected account. For more information, see Viewing password archive.
Access Requests: Only available for Accounts and Assets. Enable or disable access request services for the selected account or asset.
Show Disabled: Display the accounts or assets marked as disabled.
Hide Disabled: Hide the accounts or assets marked as disabled.
Sync Now: Only available for Assets. Run the directory addition and deletion synchronization process on demand. In addition, it runs through the discovery, if there are discovery rules and configurations set up.
One Identity Safeguard for Privileged Passwords provides a workflow engine that supports time restrictions, multiple approvers, reviewers, emergency access, and expiration of policy. It also includes the ability to input reason codes and integrate directly with ticketing systems.
In order for a request to progress through the workflow process, authorized users perform assigned tasks. These tasks are performed from the user's 
Home page in the desktop client or web client.
As a Safeguard for Privileged Passwords user, your Home page provides a quick view to the access request tasks that need your immediate attention. In addition, an Administrator can set up alerts to be sent to users when there are pending tasks needing attention. For more information, see Configuring alerts.
The access request tasks you see on your Home page depend on the rights and permissions you have been assigned by an entitlement's access request policies. For example:
-
Requesters see tasks related to submitting new access requests, as well as actions to be taken once a request has been approved (for example, viewing passwords, copying passwords, launching sessions, and checking in completed requests).
Requesters can also define favorite requests, which then appear on their Home page for subsequent use. This can be done from either the desktop client or web client:
- Approvers see tasks related to approving (or denying) and revoking access requests.
- Designated reviewers see tasks related to reviewing completed (checked in) access requests, including playing back a session if session recording is enabled.
Password release and session requests use a workflow engine; however, the actions taken on a session request are slightly different than those taken on a password release request. Therefore, we will cover each of these access request workflows separately:
All users are subscribed to the following email notifications; however, users will not receive email notifications unless they have been included in a policy as a requester (user), approver, or reviewer.
- Access Request Approved
- Access Request Denied
- Access Request Expired
- Access Request Pending Approval
- Access Request Revoked
- Password was Changed
- Review Needed
Toast notifications may also appear on your console when the desktop client application is not the active foreground application.
Using the desktop client, there are two ways to configure One Identity Safeguard for Privileged Passwords to send event alerts to Safeguard for Privileged Passwords users:
Toast notifications are alerts that appear on your console when the desktop client application is not the active foreground application. For example, a toast notification may display when you are in another application or when you have minimized the One Identity Safeguard for Privileged Passwords desktop client.
(desktop client) To enable toast notifications
- In the desktop client, open
Settings (desktop client).
- Select the Enable Toast Notifications check box.
Note: When you select the Run in the System Tray check box, you cannot modify the toast notifications option because in that mode, you always get notifications.
Web client: