User credential owner setting

PAM Core
,
1

Hi!
Just wanted to clarify what User credential owner setting actually does.
As it’s stated in the documentation, the owner should always have access to credentials owned by them:

  • User credential owner: You can define a senhasegura user owner of the credential. When determined, only the owner user will always have access to the credential and can make changes to it;

However, while testing, my user doesn’t have access to credentials owned by him unless I explicitly create an access group to provide such access. So, what is the idea behind this User credential owner setting then?

2

Hi @andriirebets,

Yes, it will still be necessary to configure an access group for the user to see the credential. The difference will be that once a credential has an owner, no other user, even if they see that credential, will be able to start a session or perform a password withdrawal on it. Only the owner can perform this action after viewing the credential.

1 Like