Using the Browser Extension

  1. Create a new record in PAM using the type WEB Portal.
  2. Within this record, enter the following parameters:

    Name: Enter an easily recognizable name for this record that will be used for selection in the extension.

    Description: Optionally enter a description for this record. The description will not appear in the Extension.

    URL: Enter the URL to the login or signin page that contains the web login form.

    User: Enter the username to be populated.

    Password: Enter the password for the username.

     

    RecordWEBPortal

     

  3. Once the record is created, share this record with a user or group with at least the Unlock role. You may now configure PAM to include users with Viewer permissions.
  4.  

    Extension-GrantAccess

  5. In either Mozilla Firefox, Google Chrome, Microsoft Edge or Opera, open the Extension store and add the Imprivata Privileged Access Management extension to your browser.
  6. When the Extension is deployed, locate and click the Privileged Access Management extension in your browser window to open it for the first time.
  7. Extension-BrowserButtonLocations

    Browser Extension location in default configurations. Mozilla Firefox (top), Google Chrome (middle) and Opera (bottom).

  8. Enter or copy/paste the URL to Privileged Access Management into the field and click the Login button. The PAM URL is the one that is used to initially login to the system. The default URL is http://localhost:8080/xtam but often times this is modified.
  9. If you are unsure, please contact your Privileged Access Management Administrator for assistance.

    Extension-ConfigurationURL

  10. A new browser tab or window will open and load the Privileged Access Management login page. Enter your PAM username and password and then log in as usual.
  11. Once logged into PAM, you may close this browser window or tab and return to your previous. Open the Extension again to load your records.
  12. In the Extension, select the record and then click the web page’s login or signin button to complete the login procedure. If only one record for this login was found, the Extension will automatically populate the credentials once opened. If two or more records are found, then you must choose and click the Record Name to populate the desired credentials.
  13. Extension-One-More-RecordsDisplayed

    A user’s view of one record displayed in the Extension (left) and multiple records (right).

And that’s it.

PAM System Administrators have access to every record in the system, including records from other users private vaults. In that reason the PAM Browser Extension will show all records that the user has access to, including the records from other users private vaults.

PAM Users with PAM System Administrators role who are using a Web browser that has the PAM Browser Extension enabled, browse to a website login page, can see the records for all users who have stored credentials for that site.

It is highly recommended that your daily use User's accounts, including daily use Administrator's account, are not granted the role of System Administrator. Instead create a PAM Local User account (or a separate AD account) so that Administrators they can then login and administer PAM as needed.

You can continue to create additional records in PAM server for other web portal login forms and share these with your users and teams.