Create and Configure a New Group
You can connect Identity Security Insights to both cloud and on-premises instances of Password Safe to automatically scan for associated accounts and track your organization’s identities in summarized visualizations.
To access account and identity information, Identity Security Insights requires you to create a user and group with properly-provisioned roles within Password Safe.
Because this user allows Identity Security Insights to access Password Safe, we recommend you create a new user for this purpose.
To use an existing user, see step 9 below.
To Create and Configure a New Group in Password Safe
- Sign into Password Safe.
-
Create a new group in Password Safe.
- From the left menu, select Configuration > Role Based Access > User Management.
- Click Groups.
- Click +Create New Group.
- Click Create a New Group.
- Enter a group Name.
- Enter a group Description.
- Click Create Group.
The group is created in Password Safe.
- Optionally but recommended, create a new user for the group.
-
Assign the chosen user to the group.
- Under Group Details, select Users.
- From the Show drop-down list, select Users not assigned.
A list of all users not currently assigned to a group displays. - Locate the user you wish to add to the group.
- Click Assign User.
The user assigns to the group.
-
Configure API access for the group.
- Under Group Details, select API Registrations.
- Check the box next to the API registration created for Identity Security Insights.
-
Assign features permissions to the group.
- Under Group Details, select Features.
- From the Show dropdown menu, select All Features.
- Select the following features:
- Analytics and Reporting
- Asset Management
- Password Safe Account Management
- Password Safe Role Management
- Password Safe System Management
- Ticket System
- User Accounts Management
- Click Assign Permissions > Assign Permissions Read Only.
- Click User Audits > Assign Permissions Full Control.
-
Assign Smart Groups permissions and roles to the group.
- Under Group Details, select Smart Groups.
- From the Show dropdown menu, select All Smart Groups.
- Select the All Assets Smart Group.
- Click Assign Permissions above the grid, and select Assign Permissions Read Only.
- Click the vertical ellipsis button for the All Assets Smart Group.
- Select Edit Password Safe Roles.
- Check the Auditor box.
- Click Save Roles.