We have hundreds of endpoints and hundreds of generic credentials set up in our PAM solution; nothing is AD joined.
As a result, the discovery cannot be used and we have no way to link our existing endpoints (almost all jump clients) with credentials.
We set up credentials in such a way that the name of the credential and the endpoint match.
Every new session is challenging as the selection of credentials in the access console is quirky because of the scrolling behavior.
Furthermore, we notice that not all credentials are shown despite the fact that they are set up in the vault as seen in the web interface.
Some suggestions to improve on this:
- Allow for a filter text input box, basically for any field where you potentially have hundreds of items (credentials/jump groups/teams/...)
- Auto-propose a credential by trying to match endpoint name with credential name; in our case this would auto-select the proper credential
- Fix the credential fetching code so that all the credentials that are accessible are shown (now some are omitted)
- Endpoints in the vault should also populate based on jump clients already existing in the system; that would allow for manually linking credentials in case a discovery is not possible