Creating Custom Approvers (Optional)

If dual authorization is enabled, a user who is designated as an approver must grant permission to view the password. A set of preconfigured Credential Manager groups exists, which have roles with the necessary privileges to be an approver. For example, the System Admin Group contains the System Admin role, which has the required privileges for authorizing password views.
capam32
If dual authorization is enabled, a user who is designated as an approver must grant permission to view the password. A set of preconfigured Credential Manager groups exists, which have roles with the necessary privileges to be an approver. For example, the System Admin Group contains the System Admin role, which has the required privileges for authorizing password views.
You can create a role and can add it to a Credential Manager group. Any user that is a part of the group with the new role can act as an approver.
The new role must have the following permissions:
  • List Password View Request Summary By Approver
  • Update Password View Request Status
In addition, an approver must have a valid email address. Their user group must also be able to access the accounts they are approving.
To create an approver role, see Add or Modify Credential Manager Roles.