Page Comparison

...

Expand

title	View Roles

Management Role

Access Granted

PAM Administrator for All Credentials and Computers

This Management is a role bundle that grants people with the role membership in the below Management Roles:

ACT-Shared-Credential-Object-Administration-All
- Grants access to create, edit and delete all shared credentials
UI-IT-Shop-MS-Computer
- Grants access to shop for access to servers in the IAM Shop microservice app
VIS-Groups-LocalWindows
- Grants access to see all Local Windows Server groups
UI-Shared-Credential-PAM-User-Full-Access (Feature Set (UI))
- Grants access to the user interfaces and workflows for managing shared credentials.
UI-IT-Shop-MS-Shared-Credential
- Grants access to shop for Shared Credentials in the IAM Shop microservice app
VIS-Location-All
- Grants access to see all locations
VIS-Accounts-AD
- Grants access to see all Active Directory accounts
UI-Computer-PAM-Local-Identity-Administration
- Grants access to the user interfaces and workflows for managing local computer users, group, IIS App Pools, and Windows services
ACT-Computer-Shared-Credential-Login-All
- Grants access to use a shared credential to initiate a Privileged Session to any computer
VIS-Computer-All
- Grants access to see all computers
VIS-Groups-Linux
- Grants access to see all Linux groups
VIS-Accounts-Linux
- Grants access to see all Linux accounts
UI-IT-Shop-MS-Shared-Credential
- Grants access to shop for Shared Credentials in the IT Shop microservice app
VIS-Accounts-LocalWindows
- Grants access to see all Local Windows Server User accounts
VIS-Shared-Credential-All
- Grants access to see all vaulted credentials
IAM Shop, My Tasks, and My Identity Self-Service Basic UI Access Only - no resource types
- Grants access for the UI to use the IAM Shop, My Tasks, My Identity microservices but does not grant visibility to objects or the UI- roles for each resource type.

PAM Administrator for Credentials and Computers in Person’s Locations

This Management is a role bundle that grants people with the role membership in the below Management Roles:

Easy html macro

theme

{"label":"solarized_dark","value":"solarized_dark"}

contentByMode

{"html":"<!doctype html>\r\n<link href=\"https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css\" rel=\"stylesheet\" integrity=\"sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC\" crossorigin=\"anonymous\">\r\n<link href=\"https://docs.empowerid.com/new_docs.css\" rel=\"stylesheet\">\r\n<script src=\"https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js\" integrity=\"sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM\" crossorigin=\"anonymous\"></script>\r\n <p class = \"bd-callout bd-callout-info\">All access is scoped to credentials and computers \r\n in the person's locations.</p>","javascript":"","css":""}

UI-IT-Shop-MS-Computer
- Grants access to shop for access to servers in the IAM Shop microservice app
UI-Shared-Credential-PAM-User-Full-Access (Feature Set (UI))
- Grants access to the user interfaces and workflows for managing shared credentials.
VIS-Location-MyLocationsAndBelow
- Grants access to see locations in the person’s location and below
ACT-Computer-Shared-Credential-Login-MyLocations
- Grants access to use a shared credential to initiate a Privileged Session to computers in the person’s locations
UI-Computer-PAM-Local-Identity-Administration
- Grants access to the user interfaces and workflows for managing local computer users, group, IIS App Pools, and Windows services
ACT-Shared-Credential-Object-Administration-MyLocations
- Grants access to create, edit and delete shared credentials in the person’s locations
ACT-Shared-Credential-Use-MyLocations
- Grants access to check-out shared credentials in the person’s locations
VIS-Computer-MyLocations
- Grants access to see computers in the person’s locations
VIS-Shared-Credential-MyLocations
- Grants access to see vaulted credentials in the person’s locations
ACT-Computer-Object-Administration-MyLocations
- Grants access to create, edit, and delete computers in the person’s locations
UI-Computer-PSM-User-Full-Access
- Grants access to the user interfaces and workflows for managing computer objects for PSM
UI-IT-Shop-MS-Shared-Credential
- Grants access to shop for Shared Credentials in the IAM Shop microservice app
IAM Shop, My Tasks, and My Identity Self-Service Basic UI Access Only - no resource types
- Grants access for the UI to use the IAM Shop, My Tasks, My Identity microservices but does not grant visibility to objects or the UI- roles for each resource type.
ACTACT-Computer-Shared-Credential-Assigner-MyLocations
- Grants access to assign and unassign shared credentials to computers in the person's locations

PAM Administrator for Credentials and Computers in Person’s Organization

This Management is a role bundle that grants people with the role membership in the below Management Roles:

Easy html macro

theme

{"label":"solarized_dark","value":"solarized_dark"}

contentByMode

{"html":"<!doctype html>\r\n<link href=\"https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css\" rel=\"stylesheet\" integrity=\"sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC\" crossorigin=\"anonymous\">\r\n<link href=\"https://docs.empowerid.com/new_docs.css\" rel=\"stylesheet\">\r\n<script src=\"https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js\" integrity=\"sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM\" crossorigin=\"anonymous\"></script>\r\n <p class = \"bd-callout bd-callout-info\">All access is scoped to credentials and computers \r\n in the person's organization.</p>","javascript":"","css":""}

UI-IT-Shop-MS-Computer
- Grants access to shop for access to servers in the IAM Shop microservice app
UI-Shared-Credential-PAM-User-Full-Access (Feature Set (UI))
- Grants access to the user interfaces and workflows for managing shared credentials.
VIS-Location-MyLocationsAndBelow
- Grants access to see locations in the person’s location and below
ACT-Computer-Shared-Credential-Use-MyOrg
- Grants access to use a shared credential to initiate a Privileged Session to computers in the person’s locations
UI-Computer-PAM-Local-Identity-Administration
- Grants access to the user interfaces and workflows for managing local computer users, group, IIS App Pools, and Windows services
UI-Computer-PSM-User-Full-Access
- Grants access to the user interfaces and workflows for managing computer objects for PSM
ACT-Computer-Shared-Credential-Assigner-MyOrganization
- Grants access to assign and unassign shared credentials to computers in the person's organization
UI-IT-Shop-MS-Shared-Credential
- Grants access to shop for Shared Credentials in the IAM Shop microservice app
VIS-Shared-Credential-MyOrg
- Grants access to see vaulted credentials in the person’s organization
VIS-Computer-MyOrg
- Grants access to see computers in the person’s organization
IAM Shop, My Tasks, and My Identity Self-Service Basic UI Access Only - no resource types
- Grants access for the UI to use the IAM Shop, My Tasks, My Identity microservices but does not grant visibility to objects or the UI- roles for each resource type.
ACT-Computer-Shared-Credential-Login-MyOrg
- Grants access to use a shared credential to initiate a Privileged Session to any computer in person's organization
ACT-Shared-Credential-Object-Administration-MyOrg
- Grants access to create, edit and delete shared credentials in the person’s organization
ACT-Computer-Object-Administration-MyOrg
- Grants access to create, edit, and delete computers in the person’s organization

...

Versions Compared

Old Version 2

New Version Current

Key