Privileged credentials policy rules enable you to designate privileged consoles with allocated credentials. When you create a privileged credential, you can select the protocol (SSH, RDP, or VNC) and add the related login details (i.e., username, password, SSH key, etc). After the privileged credential and privileged credential pools are set up, you can create the privileged credentials policy to map the privileged credentials to the associated privileged console using SAML and SCIM information.

If you want to configure privileged credentials-based control, you must first create the privileged consoles that you want to assign control to. Then you need to create the privileged credentials or privileged credential pools that you're going to apply the policy to.

About the Privileged Credentials Policy Page

On the Privileged Credentials Policy page (Policies > Access Control > Clientless > Privileged Policies > Privileged Credentials), you can do the following:

1. View a list of applied filters available from the current and previous user sessions. Applied filters must be saved to the user session first before they can be viewed. Use the drop-down menu to select the applied filters to view. To learn more, see Using Tables.
2. Hide the filters on the page by clicking Hide Filters. Click Show Filters to display the filters.
3. Refresh the Privileged Credentials Policy page to reflect the most current information.
4. Filter the information that appears in the table. By default, no filters are applied. You can also save applied filters to your preferences so that they're visible in future user sessions. To learn more, see Using Tables.
5. Add a new privileged credentials policy rule.
6. Expand all the displayed rows in the table to see more information about each policy rule.
7. View a list of all privileged credentials policy rules that were configured. For each rule, you can see:

• Rule Order: The policy evaluation order number for the rule. Policy rules are applied based on the order they are listed here. Change the rule order by clicking on the number and manually entering a new value.

You need to have at least two privileged credential policies created for the first rule privileged credential policy to apply. The privileged credential associated with the last privileged credential policy won't be applied to its related privileged console. Ensure that the last privileged credential policy is one that you do not need to use.

• Name: The name of the privileged credentials policy rule. The description is also displayed here, if available.
• Status: The status of the rule as being enabled or disabled to privileged credentials
• Credential: The name of the privileged credential you have assigned for that specific policy rule.

8. Copy an existing privileged credentials policy rule's criteria, and use it to create a new rule.
9. Edit an existing privileged credentials policy rule.
10. Delete a privileged credentials policy rule.
11. Modify the columns displayed in the table.
12. Display more rows or a different page of the table.
13. Depending on your Admin Portal subscriptions, you see the following policy options:
    • Consoles Policy
    • Portals Policy