Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 8.0 LTS - Secrets Vault User Guide

Pulling credentials from the OneIdentity K/V secrets engine

By default, the Secrets Broker Vault Add-on enables the Key/Value secrets engine in the embedded vault and configures a OneIdentity policy for storing the credentials that are pushed from SPP. Accessing the credentials can be done using the Hashicorp vault CLI or the Hashicorp REST API. The credentials can then be used in other parts of a devops environment as needed. For more information, see KV Secrets Engine - Version 2: Writing/Reading arbitrary data.

  1. Get a list of all the accounts whose credentials have been pushed from SPP and are available from the embedded vault, use the following command:

    vault kv list oneidentity

  2. Get the metadata and credential for a specified account, use the following command:

    vault kv get oneidentity/<account/key name>

Removing the Safeguard for Privileged Passwords

To remove the Safeguard for Privileged Passwords

  1. Open the Secrets Broker Vault settings page.

  2. Click the Secrets Broker Vault button in the Add-ons section.

  3. On the Add-on Settings dialog, click the Delete Add-on button to remove the Safeguard for Privileged Passwords.

  4. On the Delete Add-on dialog, click Delete Add-on.

    NOTE: Although not required, it is suggested that you leave the Restart Safeguard Secrets Broker for DevOps Service option selected. You can also use the Restart Secrets Broker option (accessed using the button) to manually perform the restart.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating