Jump to content

rookie

Members
  • Posts

    5
  • Joined

  • Last visited

rookie's Achievements

  1. In Passwordstate it is possible to use SAML + MFA, but without specifying the single logout URL (Administration -> System Settings -> authentication options). Therefore, users do not have to log in again with a second factor after logging out on inactivity or by pressing the logout button. After logging out, users are redirected to the logout screen where they can log in again simply by pressing the "Log Back In" button. So far, so good. But for security reasons! (e.g. shared computer) it would be good if there was a way to manually trigger the single logout URL and thus end the user session on the ADFS. One way to accomplish this would be by adding a second button on the logout screen, for example. Some votes for this would be appreciated. Best regards
  2. We are currently migrating all passwords from our old password management solution to Passwordstate. We have many users/groups with a lot of passwords. Currently we are facing the problem that many passwords have to be copied/moved to new password lists and our users have to do this laboriously for each individual password, as the bulk copy/move options are only available for security administrators. Is there a possibility that this feature will be integrated for non-security administrators in the future? For security reasons, we would like to keep the number of security administrators as low as possible. Best regards.
  3. Hello, is there any progress on this topic yet? We also need the possibility to forward the syslog messages to a SIEM in a structured way. Currently there is only one ID (110) for all events and the sent text has no clear structure, which makes it cumbersome to filter out the needed information. So far, only the description from the passwordstate audit log is sent along, which we have to edit via regex to get the desired information. Best regards.
  4. Hello, this worked for us. Thank you very much for your quick reply. Best regards.
  5. Hello, I am currently testing the API. The windows API works fine so far but the standard API seems to have problems. In the system settings "Allow users to make calls to the Anonymous API" is set and a system wide API key was generated. However, the following error occurs with standard API calls: Invoke-Restmethod : [{"errors":[{"message":"Forbidden"},{"phrase":"Making calls to the Anonymous API is not allowed. Please refer to your Passwordstate Security Administrators for more information."}]}] In Zeile:2 Zeichen:12 + $results = Invoke-Restmethod -Method GET -Uri $PasswordstateUrl -Head ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebEx ception + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand Are there any settings that I'm missing? Our current build is 9300. Best regards.
×
×
  • Create New...