Privileged credentials can be used to streamline access to privileged consoles by mapping authentication details using a privileged credentials policy. The user can then gain access to the privileged console that the privileged credentials were designated to. After you create a privileged credential, you can map it to a privileged console by creating a privileged credential policy using the SAML and SCIM policy criteria types.

If you want to use privileged credentials, you must first create the privileged portals and privileged consoles that you want to assign the credentials to. You can create privileged credential pools to group existing privileged credentials.

About the Privileged Credentials Page

On the Privileged Credentials page (Administration > Privileged Remote Access > Privileged Credentials > Credentials), you can do the following:

1. View a list of applied filters available from the current and previous user sessions. Applied filters must be saved to the user session first before they can be viewed. Use the drop-down menu to select the applied filters to view. To learn more, see Using Tables.
2. Hide the filters on the page by clicking Hide Filters. Click Show Filters to display the filters.
3. Refresh the Privileged Credentials page.
4. Filter the information that appears in the table. By default, no filters are applied. By default, no filters are applied. You can also save applied filters to your preferences so that they're visible in future user sessions. To learn more, see Using Tables.

If you are using a Microtenant, then the Microtenant Ownership Type filter is available. By default, the Configured within Microtenant filter option is applied to show the privileged credentials configured within that specific Microtenant. The options for the filter are based on access type (Global and Configured within Microtenant). The Global option filters the information in the table that is configured within the Default Microtenant. The only available operator for this filter type is Equals.

5. Add a new privileged credential.
6. View a list of all privileged credentials that are configured. For each privileged credential, you can see:

• Name: The name of the privileged credential.
• Type: The protocol type that was designated for that particular privileged credential. The protocol type options are SSH, RDP, and VNC. Each protocol type has its own credential requirements.

After the type is selected and the privileged credential is saved, this option can’t be changed.

• Username: The username associated with the credentials you are using.
• Updated Time: The date, time, and time zone that the privileged credential was created.

Privileged credentials that are created in the Default Microtenant are inherited across Microtenants.

7. Edit an existing privileged credential.

If the credentials are changed after you created and saved the privileged credential, you need to update the new credential details (e.g., Username, Password, Private Key) for the privileged credential to continue being used.

8. Move the privileged credential in a Microtenant.

   If privileged credential policies are associated with the privileged credential, then the policies must be deleted to move the privileged credential to a different Microtenant.

9. Delete a privileged credential.
10. Modify the columns displayed in the table.
11. Display more rows or a different page of the table.
12. Open the Zscaler Help Browser and view Help Portal articles without leaving the ZPA Admin Portal.
13. Go to the Credential Pools page to add new privileged credential pools or manage existing privileged credential pools.
14. Go to the Privileged Approvals page to add new approvals or manage existing approvals.
15. Go to the Privileged Consoles page to add new consoles or manage existing consoles.
16. Go to the Privileged Portals page to add new privileged portals or manage existing privileged portals.