This article will walk through the configurations for controlling which privileged accounts users can see in the Centrify Admin Portal. A common use case would be to grant developers or third party vendors access to the privileged accounts they are only allowed to use.

Prerequisite

Your user must have view permissions to the system they need access, to "see" the account they want to use.

1. Create a Role

   a) In the Admin portal, go to Core Services > Roles.

   b) Click on the Add Role button. 
   c) Enter a name for your role.

   d) Select Members and add users/group.

   e) Select Administrative Rights and add the "Privilege Access Service User" right, then click Add.

   f) Click Save.

2. Grant View permissions

   a) In the Admin Portal, go to Infrastructure > Accounts then select the account you want to grant view access to.

   b) In Permissions, click Add and select your user, group, or role.

   c) Select the checkbox to View.

Users with View only permissions will need to request access. If you want users to ask for approval to use an account, be sure to configure Workflow for the account. If you want to allow the user to checkout or login without having to request approval, select the checkbox(es) for Checkout and/or Login.

   d) Press Save.