SSO Access Level

Discover how Pleasant Password Server will enhance KeePass for business

By default, Access Levels allow SSO Proxy functions, allowing an end user to use a credential via SSO Proxy without even having access to the information stored within it.

Hide SSO Server Proxy

To hide the SSO menu tab: 

Required Permissions for SSO Proxy

Ensure that you and your users have the needed actions on the Access Level permissions:

  • Navigate to Access Levels > Choose the following Actions:
    • View Entry Names - To see the credential access they have
    • Use Via SSO - To use SSO Proxy, to see the SSO Proxy Server tab, and to make adjustments:

SSO Server Menu Tab

  • Navigate to Roles page > Enable these permissions on the role:
    • SSO Server Status
    • SSO Session Recording
    • SSO Settings

Create an SSO Proxy Access Level

You can also restrict SSO access removing it from your default Access Levels and instead setup a new Access Level, only for SSO.

This illustrates the minimum access required to use SSO:

 SSO Only Access Level

Note: In this configuration, the user will not have access to any information about the credential. This Access Level can be used along with other Access Levels to see credential details, or if desired, you can add additional permissions to this one.

  • Navigate to Access Levels -> Select Add New Access Level -> Enter the following: SSO Only
  • Click Save