Symantec Privileged Access Management

  • Private Community
 View Only

  • 1.  Password View Requests - One-click approvals - can anyone approve?

    Posted May 15, 2019 09:53 AM

    When a PVP triggers a dual-auth email with one-click approval/denial links...

     

    Can anyone click the one-click links regardless of PAM or PM access and privileges ?

     

    That is to say, if the approver forwards the email to someone who doesn't have any privileges in PAM, and that person clicks the approval link, does the request get approved?



  • 2.  Re: Password View Requests - One-click approvals - can anyone approve?
    Best Answer

    Broadcom Employee
    Posted May 15, 2019 10:20 AM

    Hello Seb, Yes, the link includes the authentication information so to speak, otherwise it wouldn't be a one-click action. If you don't want that, don't use it.



  • 3.  Re: Password View Requests - One-click approvals - can anyone approve?

    Posted May 16, 2019 09:35 AM

    Thanks Ralf. I'm asking for a client.

     

    The use case is that they are specifying a shared mailbox as the Dual Auth - approver; But the shared mailbox account has no rights in PAM; The users who access that shared mailbox do.

     

    So naturally, they were concerned if it was going to work or not.

     

    glad to hear that it will.