The actions that can be taken on a password release request depends on the state of the request.

To take action on a password release request

  1. From the web client, click My Requests. Use any of the following methods to control the request displayed:

    • Click then select Check-In All Available to check-in all the available requests, Clear All to remove all requests, or Cancel All Pending Time Requested to cancel and remove all pending requests.

    • Click Sort By then select to sort by Account Name, Asset Name, Due Next, Expiring Next, Most Recent, or Status.
    • Click sort up or sort down to sort in ascending or descending order.
    • Click Filters to filter by the status.
      • Available: Approved requests that are ready to view or copy.
      • Pending Approval: Requests that are waiting for approval.
      • Approved: Requests that have been approved, but the check out time has not arrived. Or, for pending accounts restored when using the Safeguard for Privileged Sessions suspend feature.
      • Revoked: Approved requests retracted by the approver. The approver can revoke a request after the request has become available.
      • Expired: Requests for which the Checkout Duration has elapsed.
      • Denied: Requests denied by the approver.
    • Click Search to see a list of searchable elements. Or enter search characters. For more information, see Search box.
    • If a denied or revoked request has been commented on by an approver, you can click the button associated with the request to view the comment.
  2. You can take any of the following actions on the password release request:
    • Available Password request:
      • The name, account, and remaining time is displayed.
      • If your browser allows, click  Copy to check out the password. This puts the password onto your clipboard, ready for you to use. Or, click Show to check out the password and view the password. A password displays on your screen for 20 seconds. The web client displays up to 10,000 characters before truncating the password, however the API allows any set password payload below 1MB. If the password changes while you have it checked out, and your current request is still valid, select either Copy or Show again to obtain the new password.
      • Select Hide to conceal the information from view.
      • Once you are done working, click  Check-In Request to complete the password check out process.
    • Available Password Request with time-based one-time password (TOTP) configured (for more information, see Setting a TOTP authenticator):

      • Click  Copy MFA Code (OTP) to put the TOTP onto your clipboard, or View MFA Code (OTP) if you want to manually enter the TOTP. Clicking either button will check out the active TOTP and initiate a countdown during which the TOTP must be used.

      • Depending on the platform, you may need to enter multiple TOTP. Each successive TOTP will be made available once the previous TOTP has expired. If the TOTP changes while you have it checked out, and your current request is still valid, select either Copy MFA Code (OTP) or View MFA Code (OTP) again to obtain the TOTP, if enabled by your Administrator.

      • Once you are done working, click  Check-In Request to complete the password check out process.

    • Approved request: Select  Cancel Request to remove the request.

      A password release request changes from Approved to Available when the requested time is reached. It stays available until you either cancel the request or it reaches the end of the duration period.

    • Pending request: Select  Cancel Request to remove the request.
    • Revoked request: Select Resubmit to request the password again.
    • Expired request: Select  Remove Request to delete the request from the list.

    • Denied request: Select Resubmit to request the password again.

      Select  Remove Request to delete the request from the list.