Adding Permissions to Password Vault Accounts

you can define different authorization levels for the sapm accounts sapm accounts are created by admins, but they are used by other users to give permission rights to these users navigate to sapm management > sapm management open the sapm accounts tab search and select the account to give permissions to, click the options button and then the permissions button select the user group, permission, and save types description read only these users only have the authority to see the dynamic password full control users who have full control permission are admins of password vault accounts these users have full authority, such as resetting, changing the password, and giving permissions to users read only first part these users only have the authority to see the first half of the dynamic password read only second part these users only have the authority to see the second half of the dynamic password one user can be a member of multiple user groups with different rights in this case, the permission order is as follows full control > read only > read only first part > read only second part it means that if a user has full control and read only rights, they will have the full control right, which is superior if they have the read only first part and read only second part rights, they will get the first part of the password