|SafeGuard Enterprise Security Officers / Security officer roles|
Additional officer authentication (also referred to as two persons rule) may be assigned to specific actions of a role. This means that the user of this role is only permitted to perform a certain action if a user of another role is present and confirms it. Each time the user performs this action another user has to confirm it.
Additional authentication may be assigned to both predefined and custom roles. As soon as there is at least one other officer with the same role, the own role can also be selected.
The role which is to perform the additional authorization must have been assigned to a user and there need to be at least two security officers in the SafeGuard Enterprise Database. Once additional authentication is required for an action, it is required even if the user owns another role that does not require additional authentication for this action.
If an officer without the right to change the additional authentication creates a role, settings for additional authentication of the new role will be pre-filled to match those set for the creating officer.