Skip to main content

Example: Bravura Safe password synchronization with Bravura Safe

The following example demonstrates how login items in Bravura Safe correspond to user accounts in Bravura Pass , and how changing passwords in Bravura Pass updates corresponding items in Bravura Safe .

Log in to Bravura Safe

  1. Log in to Bravura Safe as user Bonnie Luton.

    safe-login

    This Bravura Safe configuration requires all members of the Enterprise Team to use Bravura OneAuth with a mobile device as a second authentication factor when logging in to their Bravura Safe account.

    safe-oneauth

    In Bravura Safe, a special collection is set up to store managed account credentials.

  2. Locate a collection named "BONNIL". This collection was named using Bonnie Luton's profile ID.

    safe-bonnil-item-collection

    For synchronization, collection names in Bravura Safe are specified to match the profile ID of the user in Bravura Security Fabric .

  3. Locate a login item in the named collection. This example collection has only one login item.

    safe-bonnil-item

    Login items with credentials are stored in the special named collection to be discovered by the Bravura Pass instance and auto-associated to the corresponding user's profile ID. The item must be owned by the Enterprise team and stored in the collection matching the user's Bravura Security Fabric profile ID.

  4. View the current password value and test the login to ensure it can be used to access the corresponding system.

    safe-bonnil-item-value

Log in to Bravura Pass

  1. Log in to Bravura Pass with the ID bonnil.

    safe-sync-pass-login

  2. Initiate a Change passwords request.

    safe-sync-pass-change

  3. View accounts in target system groups.

    safe-sync-pass-targets

    Account objects listed from the Bravura Safe target system will match the list of login items in the corresponding Bravura Safe collection.

    Each Bravura Safe login item a user has linked to Bravura Pass will have a corresponding account in Bravura Pass being discovered from its native target system. Both the item and account are associated to the user's Bravura Pass profile ID to ensure password synchronization between them. In this case, the user has a Bravura Safe login item called "Active Directory" that stores the credential for their Corporate AD account. When the user changes their password, both the account and the Bravura Safe login item passwords are updated simultaneously.

  4. Change passwords for all account objects in the selected target system group in Bravura Pass , which in this case includes the Bravura Safe target item and the respective Corporate AD account.

    safe-sync-pass-new

  5. Confirm the change was successful for both the login item and the account.

    safe-sync-pass-success

Return to Bravura Safe to view item

Log in to Bravura Safe again, and view details for the synchronized login item.

safe-sync-updated

The password was changed for the corresponding login item in Bravura Safe .

In this section: