Working With Credentials
Credentials are combinations of related user names and passwords and possibly additional details such as challenge questions and certificates necessary to authenticate against a system or product. Once a credential is created, the sensitive details are encrypted and secured in the pasGuard database. The Credential Viewer is used to display a color-coded list of credentials to the user. A green-highlighted row indicates the user is authorized to update the credential, white indicates the user is authorized to read the credential, and red indicates the user is not authorized to interact with the credential. In order to display credentials, optionally select Category, Customer, Product, and Credential Name filters and press the Filter button.
NOTE: Adding a credential will automatically generate full credential permissions for the user. Click here for more information on permissions.
oShow/Hide Credential Details: Not all users are able to view credentials. Their ability is determined by the permissions set on the permission tab. If a user or a group that user is a member of is assigned Read permissions, that user is able to show the credential details, including the password, by clicking this button. Doing so will create a Read entry in the history log for the credential, and display the extended details for the credential.
oCredential Name: The unique name of the credential.
oIs Active: The active status of the credential, representing whether or not the credential is being used.
oCategory: The category the credential is assigned to. Checking the box will enable the option to change the category.
oCustomer: The customer the credential is assigned to. Checking the box will enable the option to change the customer.
oProduct: The product the credential is assigned to. Checking the box will enable the option to change the product.
oUser Name: The account log-on name for the Credential
oPassword: The password used in coordination with the user name. This field is encrypted and is not stored or cached locally.
oURL: An optional field for a website related to the credential.
oNotes: An optional field for additional notes or information that may be required to guide through the use of the credential.
oUpdate: Not all users are able to view credentials. Their ability is determined by the permissions set on the permission tab. If a user or a group that user is a member of is assigned Update permissions, that user is able to edit the credential details. This button will only be visible after showing the extended credential details, and is only enabled if the user has update permissions. Clicking this button will update the credential, hide the extended details, and create an Update entry in the history log for the credential, and display the extended details for the credential.
oThe history tab is displayed for all users. It contains two data grids to monitor credential activity. The history tab is only present when accessing the credential from the credential viewer.
oThe top grid is the Change History grid. It will display the entire history of reads and updates for the selected credential.
oThe bottom grid is the Access History grid. It will display all users who have viewed the credential since it last had the user name or password updated.
oThe permissions tab is displayed for all users. This is used to assign Credential level permissions to user and group principals within ADFS. Only users with security System Permissions or Security Credential Permissions are able to assign permissions. Click here for more information on permissions.
After selecting a credential which the user is not authorized to access, the credential editor will be replaced with a permission request control. Information about the credential and the administrative contact will be displayed. Selecting the Request Permissions button will send an email to the administrative email address listed in the System Configuration highlighting key information that is required to grant permission.
Copyright © 2023 pasUNITY, Inc.
Send comments on this topic.