SSO Access Level
Discover how Pleasant Password Server will enhance KeePass for business
By default, Access Levels allow SSO Proxy functions, allowing an end user to use a credential via SSO Proxy without even having access to the information stored within it.
Hide SSO Server Proxy
To hide the SSO menu tab:
Required Permissions for SSO Proxy
Ensure that you and your users have the needed actions on the Access Level permissions:
- Navigate to Access Levels > Choose the following Actions:
- View Entry Names - To see the credential access they have
- Use Via SSO - To use SSO Proxy, to see the SSO Proxy Server tab, and to make adjustments:
- Navigate to Roles page > Enable these permissions on the role:
- SSO Server Status
- SSO Session Recording
- SSO Settings
Create an SSO Proxy Access Level
You can also restrict SSO access removing it from your default Access Levels and instead setup a new Access Level, only for SSO.
This illustrates the minimum access required to use SSO:
Note: In this configuration, the user will not have access to any information about the credential. This Access Level can be used along with other Access Levels to see credential details, or if desired, you can add additional permissions to this one.
- Navigate to Access Levels -> Select Add New Access Level -> Enter the following: SSO Only
- Click Save