The credential checkout feature helps in retrieving the credentials from Credential Vault. The credential checkout feature helps in managing the account credentials and provides the following capabilities:
Provide available shared account credentials and deny access if all the credentials are in use.
Provide users access to the application or database for a fixed period.
After every session, reset the account’s password in the target application to maintain password security.
A Privileged Account Manager administrator can create a privileged account for an application or database and save the application or database administrator credential. These credentials will be used only when resetting or checking in the password. So, when a user requests for credentials to connect to Oracle database or any application, Privileged Account Manager checks for the login credentials available for that application and then provides the credentials to the user. An administrator can monitor the commands that a user runs on any application and audit the report based on the defined risk score.
The following sections provide details on configuring, accessing, and managing a shared account credentials by using the credential checkout feature.