A customer recently opened a ticket because they were seeing credentials for multiple systems when the access link for a device was clicked. They were expecting to see only the credentials for the device whose access link was clicked. The reason for this was because they'd created a policy for a Device Group for which all the members of the were listed as Credential Sources. When this is done PAM will associate all the Target Accounts that were created for the members of Device Group with the Policy. As a result, they will all be seen when the access link for any member of the Device Group is clicked. If this is not desired then a Device Group configured in this way should not be used.