Add a Safe
Create a Safe that binds a Resource to a credential and a set of members who may use it.
Approve a pending session
Review and approve a team member's pending session launch from the dashboard or email.
Invite a team member
Add a colleague to your VaultPAM organization and grant them the right role.
Rotate a credential
Change the password or key that VaultPAM injects into sessions β manually or on a schedule.
Share a recording
Give an auditor, manager, or regulator time-boxed read-only access to a specific session recording.
Set up MFA
Enrol a second factor so your VaultPAM sign-in is protected against stolen passwords.
Configure SSO federation
Set up single sign-on federation for VaultPAM using Microsoft Entra ID (Azure AD) or Okta with SAML 2.0 or OIDC.
Backup and recovery
Understand VaultPAM SaaS backup guarantees and perform manual backup and restore procedures for on-premises deployments.