How to setup up a credential in senhasegura
- 5 minutes to read
- Print
- DarkLight
- PDF
How to setup up a credential in senhasegura
- 5 minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
In this tutorial, we’ll provide a step-by-step guide to setting up a credential in senhasegura. Ensure you fulfill the requirements below before proceeding with the configuration steps.
Requirements
- Be registered/enabled as a PAM operator in senhasegura.
- Have a device created.
How to set up a credential
There are two ways to access the Credentials configuration area.
The first way is via the Quick actions menu on the top toolbar. To configure a credential using quick actions, follow the steps below:
- Click on the Quick actions icon, represented by a sheet of paper with a sum sign, and select Credential.
The second way is from the Grid Menu. To do this, follow the steps below:
- In the top left corner of the senhasegura platform, click on the Grid Menu, represented by the nine squares, and select PAM Core.
- In the side menu, select Credentials > All.
- Click on the View Actions icon, represented by the three vertical dots, and click + New.
Both actions will open a new pop-up window, which you must fill in with your data.
In the Information tab
- Username*.
- Password type*.
- Domain.
- Device*.
- Additional information.
- Enable Status* as Active or Inactive to categorize the status.
- Set the password for the credential (limit 256 characters, 70 if the password change is set to automated).
- Choose to generate a random password according to the password policy.
- Optionally, fill in the Tags for identification of the credential.
- Click the Save button.
In the Execution settings tab
- Parent credential: choose the parent credential from the drop-down menu. Note that when you select a parent credential, the child credential will assume the same password as the parent credential. Whenever there is a manual or automated password change on the parent credential, the child credential will also be modified and assume the same password as the parent credential.
- In the Credential password change configuration section:
- Enable automatic change: check this checkbox to make automated credential password exchange active.
- Enable change via agent:
- Change plugin: choose the plugin for automated credential password exchange from the drop-down menu.
- Change template: select the template for automated credential password exchange from the drop-down menu.
- In the Authentication configuration section:
- Use your own credential to connect: select this checkbox to use your own credential to perform authentication.
- Authentication credential: select the credential that will perform authentication from the drop-down menu.
- In the Reconciliation credential configuration section, in the Status option, select the Active or Inactive option. This option enables credential reconciliation. For more information, go to the documentation on How to reconcile credential passwords.
In the Session settings tab
- Connectivity: select the connectivity options to which this credential will have access.
- In the Remote application settings section:
- Restrict access to remote application only: select this checkbox if you want this credential only to have access to one or more remote applications. If you choose this option, you must indicate which remote applications will be accessed by this credential. Fill in the fields below:
- Automation macro (RemoteApp): click the add button to add the applications used. Clicking on the add button will take you to two drop-down menus:
- RemoteApp: select the application you want to give access to the credential from the drop-down menu.
- Connectivity: select the connection protocol that this remote application will use.
- Automation macro (RemoteApp): click the add button to add the applications used. Clicking on the add button will take you to two drop-down menus:
- Use your own credential to connect: select this checkbox to use your own credential to authenticate.
- Authentication credential: enter the credential that will be used for authentication.
- Authentication device: indicate the device where authentication will take place.
- Restrict access to remote application only: select this checkbox if you want this credential only to have access to one or more remote applications. If you choose this option, you must indicate which remote applications will be accessed by this credential. Fill in the fields below:
- In the Certificate section:
- Certificate file: upload the certificate file.
- Key file: upload the key file for authentication.
- Key password: password for the key file.
Alert
- The certificate will only be used when registering a credential to connect to an Oracle database. For more information, see the documentation on Oracle sessions.
- When you upload a certificate, it will be linked to the credential at the time of upload. However, be aware that if you need to edit this credential after saving it, there will be no indication that the certificate file has been uploaded.
- You can replace the certificate by simply uploading the file again if necessary.
In the Additional settings tab
- Identifier (for webservice): enter the identifier of the web service used in the credential.
- User who owns the credential: defines the owner of the credential, the user indicated in this field will be the only one with access to the credential.
- Path on the server: this field is used to specify the location of the credential in the files. This functionality is particularly useful when there is a need to change the password in the files. By providing the path, it is possible to identify precisely where to change the credential on the server.
- Secret key (TOTP): fill in your TOTP key. For more information, see the documentation on how to generate an OTP token.
Alert
For the TOTP feature to work properly, your secret key must be entered in upper case.
- In the Additional fields for authentication section:
- New extra field: by clicking on the plus sign, you can enter additional parameters for authentication. In this case, you can enter the following parameters: Name, Surname, and Value.
- Remarks: fill in relevant remarks in case necessary.
Important
- The limit of credentials varies according to the license contracted with senhasegura.
- The existence of a parent credential does not prevent the password of the child credential from being changed manually or automatically.
How to edit a credential
To edit a credential, follow the steps below:
- On the senhasegura platform, in the top left corner, click Grid Menu, represented by the nine squares, and select PAM Core.
- In the side menu, select Credentials > All.
- In the list, identify the credential you want to edit, and in the Action column, click on the icon represented by the three vertical dots and select the Edit option, represented by the pencil and paper icon, from the drop-down menu.
- In the Credential Registration window, edit the settings you want according to the instructions in this document.
- Click Save.
Next
- How to configure a reconciliation credential.
- How to reconcile a credential.
- How to use the "bulk action" feature for credentials.
- How to register an application credential.
- How to verify the execution history of a credential.
- How to generate a TOTP authentication token.
- Access control reports reference.
- Credential reference.
- Credential management reference.
Do you still have questions? Reach out to the senhasegura Community.
Was this article helpful?