User Manual 4.19.0¶

Introduction¶

This guide explains how a User will register and use the Excalibur system.

As a User, you will use the Excalibur system to securely log in and access company resources, such as PC clients, VPNs, and web applications. You will use the Excalibur mobile app as your personal security token to access the Dashboard and manage your sessions.

The Dashboard is your central hub, where you can find your profile and access your assigned PAM resources. From here, you can start new sessions, review recordings of past sessions, and search for text within those recordings.

Info

The features available to you in the Dashboard depend on how the Excalibur system is configured at your organization. This guide focuses on the standard features available to the User role.

Excalibur Mobile Application¶

Download Excalibur v4 Mobile Application¶

Before you can use Excalibur, you need to install the Excalibur v4 mobile application. You can find links to the App Stores in your email invitation, on the registration page, or at https://getexcalibur.com.

Android: Google Play Store (Requires Android 7.0 - Nougat or higher)
iOS: App Store (Requires iOS 15.6 or higher)
Huawei: AppGallery

Info

Ensure your device meets the minimum system requirements for the best performance.

Main screen¶

The app's main screen provides a simple interface for scanning QR codes to log in. From here, you can also access your notifications and settings to manage your accounts.

Notifications¶

Overview¶

You will receive notifications when there are Peer Verification or Just in Time Access requests from other users. To view your notifications, tap the bell icon in the main screen.

Notifications support infinite scrolling, loading 10 items at a time, and a pull-to-refresh function to ensure you always have the latest updates.

If your device is disconnected from a server or the internet, a warning appears to let you know some notifications may not be available.

Figure 4. Disconnected deployments warning

Sort and Filter Notifications¶

You can sort your notifications by date, filter them by server or type of notifications:

Figure 5. Sort notifications by date, filter by server or type

Notification details¶

Each notification displays the requester's name, the requested action (e.g., "Authentication to Dashboard"), the requested PAM target, the tenant name and the server name. For peer verification request, in addition, it shows the time remaining until the verification expires.

Figure 6. Peer verification request details

Figure 7. Just in Time Access request details

Tapping on each request opens its details page and actions.

Figure 8. Peer Verification and Just in Time Access details and actions

Approve or Deny Peer Verification and Just in Time Access Requests¶

To approve, select your account (approver name) and tap Approve.

Figure 9. Approve peer verification and Just in Time Access requests

To deny a Peer Verification request, select your account (denier name), optionally provide a reason for denial, and tap Deny.

Figure 10. Deny peer verification and optional reason for denial

To deny Just in Time Access requests, select your account (denier name), provide a reason for denial, and tap Deny.

Figure 11. Deny Just in Time Access request with reason

Requirements

Approvers must verify their identity using PIN, biometrics, location, and secure digital signatures before approving or rejecting verification requests. This ensures that only authorized users can approve requests and that all actions are fully auditable.

Info

In Notifications, you can Approve or Deny other user requests.

In Settings, you can Cancel your own request.

Notification History¶

To view your notification history, tap "View History".

The history view shows intuitive icons helping you to track past verifications easily.

Settings¶

To access the settings menu, tap the gear icon in the bottom-right corner. This menu allows you to manage your accounts and app preferences:

Companies
Peer verification
General settings
Other settings
Update Notification (when there is an available update. See Update Notification section for details).

Figure 14. Excalibur mobile app settings

Companies¶

In the settings menu, tap on Excalibur to expand the list of the companies you are registered with.

Select an environment name to view its details, including the server address, your registered accounts, and the tenants you can access. To remove an account, tap the Delete button.

Figure 16. Excalibur mobile app company details

Info

Your registered accounts are sorted by tenant.
You can tap on a username to copy it to your clipboard for quick sharing.
If you delete an account while offline, the action is saved and will be completed automatically once your device reconnects to the internet. This ensures that your changes are not lost.

Peer Verification¶

This section show your own peer verification requests.

Tapping on Pending Verification to all your pending requests.

Figure 18. Pending peer verification requests

You can sort requests by date, filter them by server and type, view history with intuitive icons, view verifications details. Refer to the Notifications section for similar information.

Figure 19. Verfications history and Notification history

Unlike the Notifications section, where you can "approve" or "deny" incoming requests, this view allows you to Cancel your own pending request.

Figure 20. Verification request details and Cancel button

General Settings¶

In this section, you can customize the app's behavior by enabling or disabling Vibration for feedback and choosing whether to share Usage and diagnostics data.

Other Settings¶

You can change Language settings and view Application Information.

Language: Change the app's display language.

Figure 23. Change app language: English or Slovak

Application Information: View details about the app, including its Version, Contact Information, and Legal Information.

Update Notification¶

When there is an available update, there will be a notification in the settings menu.

Click on Settings, it will show:

The current version and the latest available version
Highlights of what’s new in this release
Easy options to update immediately or be reminded later

Tapping “Update Now” or “Go to Store” takes you directly to the app store to update quickly and easily. For important security updates, the app will clearly indicate their significance and encourage immediate updating to keep your experience safe and secure.

You can dismiss or postpone updates while continuing to use the app, and the system will remind you again after a reasonable interval.

Registration¶

Info

Registration is a one-time process. If you have already registered, you can skip this section and proceed to the Login section.

The Registration process creates a secure link between the Excalibur app on your phone and your company's Excalibur system. To begin, a system administrator will send you an invitation email.

Before you start, you will need:

The registration link sent by your system administrator in the invitation email.
Your company account password, or an OTP code from your administrator if you are using a local identity store.
The Excalibur v4 mobile app installed on your device (see Section Download Excalibur v4 Mobile Application for details).

Steps:

Open the invitation email from your system administrator. It contains a unique, time-limited registration link. Click the link or copy it into your web browser to get started.

Figure 28. Email invitation
On the registration page, either enter your company account password or if you are a user of a local identity store, enter the OTP code provided by your administrator.

Figure 29. Registration page - enter your OTP code

Info

The Excalibur app is available on Google Play Store, Apple App Store, and Huawei AppGallery. Click the appropriate icon to download.
After your password or OTP code is verified, a unique QR code will appear on the screen.
Open the Excalibur v4 app on your phone. If it's your first time using it, the app will ask for permission to use your camera. Allow access so you can scan the QR code.
Check that your registration details in the app are correct, then confirm.
Tap Register and allow the app to access your location. This is used as an additional security measure.
To finish, create a PIN or set up biometrics (like a fingerprint or Face ID), depending on your phone's features.
You are now registered!

The Excalibur app is your security key for passwordless login. Follow these steps to log in to the Dashboard using the Excalibur app:

Go to the Excalibur Dashboard login page (provided by your administrator), where you will see a QR code.
Open the Excalibur app on your phone and scan the QR code.
If you have multiple accounts, select the one you want to use.
Confirm the login on your phone using your PIN or biometrics.
You will be logged in to the Dashboard automatically.

Excalibur supports several login methods, but you must use the online QR code method described above to access the Dashboard.

Figure 31. A successful login confirmation.

Dashboard Overview¶

The Dashboard is the primary web interface for all users of the Excalibur system. It is used for managing your profile, accessing PAM resources, and reviewing your activity.

Info

In the Dashboard, every list allows you to filter, sort, and search for items.

Overview¶

Figure 32. Dashboard views correspond to the user roles in the Excalibur system.

Tenant Selector¶

If you have access to multiple tenants, you can switch between them using the tenant selector in the top-right corner.

User Profile¶

Click the user profile icon in the top-right corner to open a dropdown menu with the following options: User Details, Preferences, Passkeys, Logs, Logout.

User Details¶

Select your username from the User Profile menu to open your user page. From here, you can access different tabs: General details, Audit Logs, Accessible Targets, Sessions, Actions, Permissions.

General details¶

You can view the general information of the user: Name, Surname, E-mail, Created, Last Logged, User Group Memberships

Audit Logs¶

You can view the logs of your actions in the system.

Accessible Targets¶

You can have an overview of PAM targets and target groups that this user can access.

Sessions¶

You can have an overview of PAM sessions associated with this user.

Actions¶

You can have an overview of this user's actions within the application such as authentication, authorization, or registration events. Detailed information is available by selecting a specific action. It is identical to the Actions page described in Section Management - Actions.

Permissions¶

You can have an overview of permissions assigned to this user.

You can search for specific permissions using the search bar.

You can also filter permissions by types such as READ, CREATE, UPDATE, DELETE, AUDIT, OTHER.

Figure 43. Filter user permissions by UPDATE type

Preferences¶

Select Preferences from the User Profile menu to open the Preferences page.

On this page, you can change the display language and switch between your assigned roles.

Language Selection¶

Role Switcher¶

You can switch between the different roles you have access to. Your available roles are displayed in the Role box.

Passkeys¶

Select Passkeys from the User Profile menu to open the Passkeys page.

Passkeys are a simple and secure way to log in without a password. Instead of a password, you use your device (with a fingerprint, face scan, or PIN) to prove it's you. Each Passkey is unique to your account and is stored securely on your device, in a third-party app, or on a hardware key like a YubiKey.

Create a Passkey¶

To create a new Passkey, click the plus button.

Give your Passkey a descriptive name and a brief description of its purpose, then click Confirm.

After creating a Passkey, you can see it in your Passkeys list, which shows its name, description, usage count, and creation date.

Once a Passkey has been added, you can log out and use it to log back in.

From the login screen, instead of scanning the QR code, click LOGIN WITH PASSKEY and follow the prompts on your device to log in to the Dashboard.

Figure 51. Click `LOGIN WITH PASSKEY` on the Login screen

After completing these steps, you will be successfully logged in to the Dashboard.

Passkey Audit Logs¶

Info

Audit logs are available only for users with the Auditor or Administrator role.

Users with the appropriate permissions can view the audit logs for their Passkeys by clicking a Passkey on the Passkeys settings page.

Passkey Registration Error Handling¶

The Passkey registration process includes clear error messages to help users troubleshoot common issues.

"No Passkey has been selected for deletion"
"Missing discoverable credential support"
"Missing user verification support"
"No supported public key credential parameters algorithm"
"One Passkey already exists on this device. Please remove it first."
"Passkey registration ceremony was aborted"
"Invalid domain"
"Invalid Relying Party ID"
"Invalid User ID length."
"Malformed public key credential parameters"
"Passkey registration failed"

Logs¶

Info

Logs older than 30 days are automatically deleted.
Logs are stored persistently in the browser that you are using. A different computer, or a different browser on the same computer will have different logs.

The user can access Error and Warning Logs in the profile menu.

Figure 54. Access to Logs in the profile menu

The Logs icon shows the number of current logs. Clicking the Logs icon opens a list of errors and warnings.

Figure 55. Clicking the Logs display error and warning logs

Users can filter the view to show only errors or only warnings

Figure 56. Filter the view to show only errors or only warnings or all

Each log entry includes copy and delete buttons.

You can also clear all the log entries by a "clear" button at the bottom.

Logout¶

Select Logout from the User Profile menu to log out of the Dashboard.

Overview¶

The navigation panel on the left contains several sections. This document focuses on the User role, which has access to the following:

Management: Actions, Authenticators, Peer Verification, PAM
SAML: Service Providers
Settings: About

Navigation Breadcrumbs¶

Breadcrumbs show the path to your current location within the Dashboard.

The navigation panel is expanded by default. To save space, you can collapse it by clicking the "menu" icon.

Figure 61.1. Navigation side panel - expanded

Management¶

Actions¶

Overview¶

This page shows a detailed history of your activity in the system, including authentications, authorizations, and registrations.

To see more details about a specific action, click on it. A side panel will open with information organized into the General, Location, and Validation Result tabs.

General Tab¶

Figure 63. Action authentication - General

Location Tab¶

Figure 64. Action authentication - Location: Map view (names have been blurred)

Figure 65. Action authentication - Location: Satellite view (names have been blurred)

Validation Result Tab¶

The Validation Result tab shows all the security policies that were checked for the action. Each policy is displayed in an expandable section. When you expand a section, you will see all the rules within that policy. Rules that were met are marked with a green checkmark, while rules that were not met have a red cross.

Each policy also displays additional details like the date and time, the phone’s IP address, and its connection status.

Figure 66. Action authentication - Validation result

Authenticators¶

This section lists all your registered security tokens (your mobile devices) and provides general information about them.

Clicking on a token opens its details page.

Peer Verification¶

This section displays all pending, resolved and your own peer verification requests.

Info

You can also view details and handling peer verification requests on Excalibur v4 mobile application. Refer to the Mobile - Notifications and Mobile - Peer Verification sections for more details.

Pending Verifications¶

You will receive a notification in the dashboard when there is a new peer verification request.

Figure 71. New peer verification request notification

Info

You will also receive a notification on your Excalibur v4 mobile application. Refer to the Mobile - Notifications section for more details.

In Actions column, you can Approve or Deny other users' requests or Cancel your own requests.

When "Cancel" a request, a confirmation dialog appears.

Figure 72. Cancel peer verification request confirmation

When deny a request, you can optionally provide a reason for denial.

Figure 73. Deny peer verification with optional reason for denial

Once confirmed, you will see a notification in the bottom of the screen.

Figure 74. Peer verification action confirmed notification

Clicking on each row will show more details of the verification and possible actions: Approve, Deny or Cancel.

Resolved Verifications¶

You can view all your resolved peer verification requests in this tab: Approved, Denied or Closed requests.

Your Own Verifications¶

You can view all your own peer verification requests in this tab: Pending, Timed out, Approved, Denied or Closed requests. You can also perform the Cancel action on your pending requests in the Actions column.

Just in Time Access¶

Overview¶

This page allows you to view and manage your Just in Time Access requests.

How Just in Time Access Works¶

An admin will need to configure Just in Time Access security policies for specific PAM target groups and user groups. The admin also need to specifiy approvers.

Below is a high level overview of how Just in Time Access works:

When a user tries to access a PAM target that is protected by Just in Time Access, they will request privileged access, specifying a time window and reason.
Assigned approvers are notified via mobile, dashboard, and/or email. They can review the request details and either approve or deny it.
Once approved, access is granted only during the approved time window.
When the window expires—or access is revoked—all active sessions are terminated automatically.

Smart time-based access¶

In each tab, you can clicking on calendar view will show you all pending requests in a calendar format, making it easier to visualize and manage your access requests over time.

Figure 79. Just in Time Access - calendar view

Status of Just in Time Access requests¶

The status of each request is indicated by intuitive icons:

Pending – Awaiting approval
Approved – Access granted within the defined time window
Denied – Request rejected by an approver
Closed – Access window has expired
Canceled – Request withdrawn by the requester or an authorized user

Pending requests¶

Clicking on calendar view will show you all pending requests in a calendar format, making it easier to visualize and manage your access requests over time.

Figure 81. Pending requests - calendar view

Clicking on a pending request will show more details and possible actions: Approve or Deny.

If you choose to approve a request, you will need to verify your identity using your token by scanning the QR code.

Figure 83. Approve Just in Time Access request - QR code for token verification

If you choose to deny a request, you must provide a reason for denial.

Resolved requests¶

Clicking on calendar view will show you all pending requests in a calendar format, making it easier to visualize and manage your access requests over time.

Figure 86. Resolved requests - calendar view

History¶

Clicking on calendar view will show you all pending requests in a calendar format, making it easier to visualize and manage your access requests over time.

My requests¶

Clicking on calendar view will show you all pending requests in a calendar format, making it easier to visualize and manage your access requests over time.

Automatic and Manual Session Termination¶

All active sessions end automatically when the JIT window expires.

Users receive countdown warnings at: 15, 10, 5, and 1 minute before session end.

If a JIT event is canceled or revoked:

All associated sessions are terminated immediately.
Users are shown a clear termination notification.

Figure 91. JIT Session Termination Detail

Auditing and Actions¶

Authorization actions link directly to JIT details on the PAM target
Verification actions link directly to the related JIT event
Security policy evaluation results remain unchanged and fully visible

Email Notifications¶

Approvers receive email notifications when approval is required
Requesters receive email notifications when access is:
- Approved
- Denied (including the denial reason, if provided)

Figure 93. Email notification for Just in Time Access request

PAM¶

The PAM section is where you access secure company resources (PAM Targets). All sessions are recorded, and every action you take is digitally signed to ensure security and accountability.

Targets¶

The Targets tab displays a list of all PAM targets you have permission to access.

You an filter the target by type.

Possible Actions:

Connect to Target: Start a session with the selected PAM target. For detailed instructions, refer to the PAM Manual.
View Target Details: See more information about the selected PAM target. As well as details about the target, you can review, download or delete the recording of previous sessions with this target.

Figure 96. View Target Details: General information about the PAM target

Figure 97. View Target Details: A list of all session recordings associated with the current PAM target.

Web Application Streaming¶

— Why Testing Against Public Websites Doesn't Work (And Why It Doesn't Matter)

You tried to stream a publicly available website through our PAM Web Application Streaming feature and ran into one or more of the following:

Anti-bot protection kicked in (CAPTCHA, Cloudflare challenge, Akamai bot detection)
IP blocking — the target website rejected the connection because it originates from a cloud datacenter IP range
Geo-IP restriction — the website denied access based on the geographic location of the PAM gateway
Rate limiting or behavioral analysis — the website flagged the session as suspicious

This is expected. This is not a bug. And most importantly — this scenario will never occur in a real PAM deployment.

What You Are Trying to Do vs. What PAM Is Designed For

When you point PAM Web Application Streaming at a public website, you are asking our PAM gateway — running in a cloud datacenter — to open an isolated browser session to a website that has no idea who we are, doesn't trust us, and is actively trying to keep us out.

Public websites invest heavily in protecting themselves against exactly this kind of traffic: automated, proxied connections originating from cloud infrastructure. From their perspective, our PAM gateway looks no different than a bot, a scraper, or an attacker.

The public website doesn't know you. It doesn't trust you. It doesn't want automated cloud-based traffic. It is doing exactly what it was designed to do — blocking you.

Spending engineering effort trying to bypass these protections is:

Irrelevant — this scenario doesn't exist in production PAM deployments
Potentially harmful — circumventing anti-bot protections may violate terms of service of those websites
A waste of time — every hour spent on this is an hour not spent on real product value

How PAM Web Application Streaming Actually Works in Production

In every real-world PAM deployment, the target web application is an internal, organization-controlled system. The customer owns both the PAM gateway and the target application, and they configure the network path between them to be trusted and permitted.

There is no anti-bot protection. There is no IP blocking. There is no CAPTCHA. There is no adversarial relationship between PAM and the target. The entire point is that the organization wants PAM to access the application — that's why they bought it.

Our Web Application Streaming works by capturing DOM mutations (snapshots) from the isolated browser session on the PAM gateway and transmitting them to the operator's browser, where the session is reconstructed on the PAM client. This approach delivers a faithful, high-fidelity reproduction of the target application's UI. The operator interacts with the reconstructed session in their browser — they never have direct network access to the target application, and they never see or handle privileged credentials.

Notice the fundamental difference:

	Public Website (your test)	Real PAM Target (production)
Who owns the target?	Someone else	The customer
Does the target know about PAM?	No	Yes — PAM is explicitly configured
IP blocking?	Yes — cloud IPs are blacklisted	Inverted — PAM IP is allowlisted
Anti-bot protection?	Yes — you look like a bot	No — there is no untrusted traffic to protect against
CAPTCHA?	Yes — prove you're human	No — the session is machine-brokered by design
Trust relationship?	None — adversarial	Full — both sides are under the customer's control

What Applications Are Actually Behind PAM?

PAM Web Application Streaming protects administrative interfaces to critical infrastructure — systems where privileged access must be controlled, credentials must be vaulted, and sessions must be recorded.

Category	Examples
Network & Security Devices	Cisco ASDM, Fortinet FortiGate, Palo Alto Panorama, F5 BIG-IP, pfSense
Hypervisor & Hardware Mgmt	VMware vSphere/vCenter, Proxmox, Dell iDRAC, HPE iLO, Nutanix Prism
Containers & Cloud	Kubernetes Dashboard, Rancher, Portainer, OpenShift Console
Databases	phpMyAdmin, pgAdmin, Oracle Enterprise Manager
CI/CD & DevOps	Jenkins, GitLab (self-hosted), Artifactory, SonarQube, ArgoCD
Security Operations	Splunk, QRadar, Nessus, Qualys, certificate management UIs
Business Applications	SAP, Oracle EBS, internal ERP/HR/Finance admin panels
Identity Infrastructure	Active Directory web consoles, LDAP admin UIs, IAM portals

What all of these have in common:

They are internally hosted or deployed as private instances — not public SaaS
They are not exposed to the public internet
There is no anti-bot protection between PAM and the application
The PAM gateway's IP is explicitly allowlisted
The organization controls both sides of the connection

So What Should You Use for Demos and Evaluations?

If you need to demonstrate or evaluate Web Application Streaming, use applications that represent the real use case. All of the following can be deployed in minutes and provide a rich, dynamic UI experience:

Application	What It Simulates	Setup
Grafana	Monitoring dashboard (rich, dynamic UI)	`docker run -d -p 3000:3000 grafana/grafana`
Jenkins	CI/CD admin console	`docker run -d -p 8080:8080 jenkins/jenkins:lts`
Portainer	Container management platform	`docker run -d -p 9443:9443 portainer/portainer-ce`
phpMyAdmin	Database administration	`docker run -d -p 8080:80 phpmyadmin/phpmyadmin`
GitLab CE	Full DevOps platform	`docker run -d -p 8080:80 gitlab/gitlab-ce`
pfSense / OPNsense	Firewall admin (most realistic)	VM deployment (~30 min)

These applications are:

Under your control — no external dependencies
Representative of real PAM targets
Free of anti-bot, IP blocking, or CAPTCHA issues
Rich, dynamic, JavaScript-heavy UIs that properly test streaming performance and DOM snapshot fidelity

The Takeaway

PAM Web Application Streaming is not a generic web browser proxy. It is a purpose-built privileged access control mechanism for internally hosted, organization-controlled web management interfaces.

When you test it against a public website and get blocked — that's not our product failing. That's the public internet doing its job. And in every real customer deployment, that situation simply does not exist.

If you've landed on this article because you just hit an anti-bot wall or an IP block during a demo — now you know why. Close that public website, spin up a Grafana or Jenkins container, and you'll have a working, production-representative demo in under five minutes.

Sessions¶

Sessions overview¶

By default, all PAM sessions are logged for auditing purposes. In the Sessions tab, you will see a list of your past and active PAM sessions.

You can view the PAM target name, the username and account created the session, the session start and end time, the duration and some possible actions.

Play Recording: Click play button to replay the session recording.
Download Recording: Click download button to save a copy of the session recording to your computer as a .guac file.
Download Typescript: Export the session transcript as a Typescript file.

Info

You can replay .guac files at https://player.glyptodon.com/ or convert them to MP4 using guacenc (https://github.com/litios/Guacenc-Docker).

Coming soon: You’ll be able to export recordings to standard video formats directly from the Dashboard. When this is available, the option to download .guac files will be removed.

Session activity timeline, playback and file transfers¶

Clicking on a session to view its activity timeline and playback. This page also includes a "File Transfers" table that logs all files uploaded or downloaded during the session.

Sessions capture key events such as session start/end, file uploads and downloads, user inputs action including typed input, copy and paste from clipboard. You can use the built-in searchable history to find specific actions or inputs. You can also filter events by key events.

Figure 101. Search and filter session events

A visual activity timeline displays user actions and events in chronological order.

Quick navigation: Clicking any event on the left allows you to jump to that specific moment in the session recording on the right.
Live playback sync: When playing the recording on the right, the timeline automatically scrolls to highlight the current event being played.
Optimized for performance: Large sessions load smoothly with progressive loading for a fast responsive experience.

Figure 102. Activity timeline with different event types

You can also download the files transferred during the session from the "File Transfers" table.

Enhanced Anomaly Detection in Session Timeline¶

The Session Detail page now visually highlights AI-flagged events in the session timeline, helping users quickly identify suspicious or risky activity.

Event Types:
- Anomaly Detected – AI flagged a suspicious event (expandable row shows details)
- Session Resume – User continued the session after an anomaly
- Session Terminated – User ended the session after an anomaly
Timeline Enhancements:
- AI-flagged events are clearly highlighted for quick recognition
- Existing timeline functionality (navigation, click-to-seek, active event highlighting) is preserved
- Filter button allows viewing only Anomaly Detection events

This improvement makes session investigations faster, more intuitive, and more effective.

Sensitive Input Highlighting in Session Timeline¶

Session timelines display all user inputs, including typed and pasted content, during and after a session.

Inputs to sensitive fields are clearly marked in the timeline
Helps quickly identify when sensitive information was entered or modified
Works alongside existing timeline features for navigation and investigation

This enhancement improves visibility and auditing of critical user actions in sessions.

Figure 105. Sensitive input highlighting in Timeline

Full-Text Search¶

You can search for any text that was typed or displayed during your past PAM sessions. Clipboard-related context is also included in full-text search results.

Enter a term in the search bar, and any sessions containing that term will appear.

Click the "Play" button to watch the entire recording. To jump directly to the moment the searched term appeared, click the each occurence within the search result details.
Click the "Navigate to the session" button (next to the Play button) to jump to the session activity timeline view of that session.

Example

Searching for mkdir shows a session with 5 occurrences.

Clicking the 'Play' action opens a preview of the session recording, highlighting where the searched term was found.

SAML - Services Providers¶

This section shows all Service Providers (SPs) assigned to you by your administrator. To access one, click Login to Service Provider button in the Actions column.

Settings¶

About¶

This section shows the version information for the application's components.

This guide is for informational purposes only. The functionality and capabilities of individual parts of the Excalibur system depend on the installation, configuration, and system administrators, and may change with updates.

User Manual 4.19.0¶

Introduction¶

Excalibur Mobile Application¶

Download Excalibur v4 Mobile Application¶

Main screen¶

Notifications¶

Overview¶

Sort and Filter Notifications¶

Notification details¶

Approve or Deny Peer Verification and Just in Time Access Requests¶

Notification History¶

Settings¶

Companies¶

Peer Verification¶

General Settings¶

Other Settings¶

Update Notification¶

Registration¶

Login¶

Dashboard Overview¶

Overview¶

Tenant Selector¶

User Profile¶

User Details¶

General details¶

Audit Logs¶

Accessible Targets¶

Sessions¶

Actions¶

Permissions¶

Preferences¶

Language Selection¶

Role Switcher¶

Passkeys¶

Create a Passkey¶

Login with Passkey¶

Passkey Audit Logs¶

Passkey Registration Error Handling¶

Logs¶

Logout¶

Navigation Side Panel¶

Overview¶

Navigation Breadcrumbs¶

Management¶

Actions¶

Overview¶

General Tab¶

Location Tab¶

Validation Result Tab¶

Authenticators¶

Peer Verification¶

Pending Verifications¶

Resolved Verifications¶

Your Own Verifications¶

Just in Time Access¶

Overview¶

How Just in Time Access Works¶

Smart time-based access¶

Status of Just in Time Access requests¶

Pending requests¶

Resolved requests¶

History¶

My requests¶

Automatic and Manual Session Termination¶

Auditing and Actions¶

Email Notifications¶

PAM¶

Targets¶

Web Application Streaming¶

Sessions¶

Sessions overview¶

Session activity timeline, playback and file transfers¶

Enhanced Anomaly Detection in Session Timeline¶

Sensitive Input Highlighting in Session Timeline¶

Full-Text Search¶

SAML - Services Providers¶

Settings¶

About¶