You can define a workflow hierarchy i.e. specify approvers who must approve a password request before the user can actually access the requested password. A single level workflow means that only one approver has been appointed and that, if this approver approves, the requested password will be granted to the User and vice-versa. A request raised by the Approver is valid only if there exists another approver at the same level.
An Approver can view requests only for the Instance that they are in. Similarly, requests can be raised by Users only within the same Instance that that are in.
- Login to the system and select PAM from the product navigator.
- Go to Policies →Workflow Management →click on Add Workflow.
- Fill in the details in the form. Set Rule type=Workflow , Levels=1, Request type=Password.
- Select an approver in the "Approver' field.
- Make sure that the status is toggled to Active.
- Click on Save.
In case, the checkout policy fails you can reset the password by going to Policies →Checkout Policy →select the respective policy and tick on the "Reset password if failed" option.