> For the complete documentation index, see [llms.txt](https://docs.devolutions.net/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.devolutions.net/rdm/knowledge-base/how-to-articles/one-identity-safeguard-for-privileged-passwords-entry.md). # One Identity Safeguard for Privileged Passwords entry Devolutions offers One Identity Safeguard integration in Remote Desktop Manager. Leveraging this entry, users can securely retrieve their privileged passwords stored in an external One Identity Safeguard vault without leaving Remote Desktop Manager, eliminating the need for manual input. {% hint style="warning" %} If the integration does not work in Remote Desktop Manager, it might be because your appliance's OAuth2 Grant Types do not include the ***Resource owner***. See One Identity's documentation for more details. {% endhint %} {% hint style="info" %} The One Identity Safeguard integration requires either Remote Desktop Manager Team edition or the [Privileged access management solutions package](https://docs.devolutions.net/resources/getting-started-packages/privileged-access-management-package/) license. {% endhint %} ### Creating the entry 1. Open Remote Desktop Manager. 2. Add a ***New entry*** – ***Credential management*** – ***One Identity Safeguard***. 3. Choose a name, a folder, an ***Authentication method***, and enter the required One Identity Safeguard credentials and configurations in the entry's ***General*** tab (***Username***, ***Password***, ***Asset***, ***Account***). 4. Click on the ***Add*** button. ![](https://cdnweb.devolutions.net/docs/RDMW4346_2025_2.png) {% hint style="info" %} Check [Request credentials from One Identity Safeguard entry in Remote Desktop Manager](https://docs.devolutions.net/rdm/kb/knowledge-base/request-password-access-one-identity/) for more details on the checkout process. {% endhint %} ### One Identity Safeguard general settings Here is a list of the ***General settings*** available in the ***One Identity Safeguard*** entry interface, along with what they do: | SETTINGS | DESCRIPTION | | ----------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Resolving mode** |

Choose a resolving mode between:
- Injection: Retrieves One Identity username and password, in order for them to be injected into sessions.
- Privileged session: Retrieves temporary information from One Identity’s Safeguard for Privileged Sessions proxy to use in sessions.

| | **Host** | Set the One Identity host. The Host field is intended for a resolvable hostname, such as a hostname or a fully qualified domain name (FQDN), and should not include a URL. | | **Use “My account settings”** | When this option is checked, an entry uses the credentials previously set up in **File** – **My account settings** instead of those entered in the **Username** and **Password** fields. | | **Authentication method** | Set **Authentication method** to **Local**, **External Federation**, or **Active Directory**. If you select **Active Directory**, the **Provider** field appears. Select an Active Directory provider using the **…** button. | | **Username** | Enter the relevant One Identity Safeguard vault username. | | **Password** | Enter the relevant One Identity Safeguard vault password. | | **Always ask password** | Check this option to send a password prompt every time the entry is used. | | **Asset** | Choose the relevant asset in the account selected. The asset field is automatically filled upon choosing an account from the list. | | **Account** | Choose from a list the relevant account to connect to. | | **Always prompt with list** | If this option is checked, the entry always sends a prompt asking to choose from the account/asset list whenever used. | --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.devolutions.net/rdm/knowledge-base/how-to-articles/one-identity-safeguard-for-privileged-passwords-entry.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.