Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Need information on the Change Password flow for the automatic password rotation for Custom Apps

gazanjum
Regular Contributor
Regular Contributor

‎05/09/2023 12:32 PM

Hi Team,

Could someone confirm if the below understanding of the Change Password flow for automatic password rotation of local admin account of Custom Apps is correct:

Automatic Password Rotation for Custom Apps: when we go to the manual password update via Home--->Change Password for Service Account

1. The user enters the password (123) for the local admin account for the first time. 2.User submits the request. 3.A Change Password task is triggered, and the password is updated in Vault. 4.Now, the ConnectionJSON is invoked, which in turn establishes a connectivity to the target system using the Master Account credentials present in that ConnectionJSON. 5.The Master Account logs into the target system 6. Now the ChangePasswordJSON process is invoked where the Master Account tries to reset the same password (123) which user has entered in Step 1 using the ChangePasswordAPI. 7.Once it sets the password on both Saviynt and then the target system same, the ChangePassword task is marked as complete. 

Labels:
0 Kudos
3 REPLIES 3

NageshK
Saviynt Employee
Saviynt Employee

‎05/10/2023 07:35 AM

@gazanjum Thanks for posting your question. 

Yes, your understanding is correct. 

Thanks,

Nagesh K

aryan9975
New Contributor II
New Contributor II
In response to NageshK

‎05/16/2023 01:07 AM

Hi @NageshK 

Following up on Gazala's request - 

This is what Saviynt Support team mentioned -"Once it sets the password change succeeds in Target then password is updated in vault and the ChangePassword task is marked as complete"

However what we have been hearing from Nirav is that the password change first happens on the vault and then on the target application .

Can you please confirm this notion ?

 

Thanks

Aryan

0 Kudos

Nirav
Saviynt Employee
Saviynt Employee
In response to aryan9975

‎05/16/2023 02:30 PM - edited ‎05/16/2023 02:30 PM

Hi Aryan,

 There may have been a misunderstanding, password change is triggered in Saviynt, and a random password is generated based on password policy for the endpoint. Saviynt application will attempt to update the random password first in target to ensure that the new password is successful and based on response from target application it updates the password in the vault.

 

Regards,

Nirav

0 Kudos
Copyright © 2024 Khoros, LLC