Symantec Privileged Access Management

Expand all | Collapse all

Password View Requests - One-click approvals - can anyone approve?

Jump to Best Answer
  • 1.  Password View Requests - One-click approvals - can anyone approve?

    Posted 05-15-2019 09:53 AM

    When a PVP triggers a dual-auth email with one-click approval/denial links...

     

    Can anyone click the one-click links regardless of PAM or PM access and privileges ?

     

    That is to say, if the approver forwards the email to someone who doesn't have any privileges in PAM, and that person clicks the approval link, does the request get approved?



  • 2.  Re: Password View Requests - One-click approvals - can anyone approve?
    Best Answer

    Broadcom Employee
    Posted 05-15-2019 10:20 AM

    Hello Seb, Yes, the link includes the authentication information so to speak, otherwise it wouldn't be a one-click action. If you don't want that, don't use it.



  • 3.  Re: Password View Requests - One-click approvals - can anyone approve?

    Posted 05-16-2019 09:35 AM

    Thanks Ralf. I'm asking for a client.

     

    The use case is that they are specifying a shared mailbox as the Dual Auth - approver; But the shared mailbox account has no rights in PAM; The users who access that shared mailbox do.

     

    So naturally, they were concerned if it was going to work or not.

     

    glad to hear that it will.