Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 7.3 - Secrets Vault User Guide

Pulling credentials from the OneIdentity K/V secrets engine

By default, the Secrets Broker Vault Add-on enables the Key/Value secrets engine in the embedded vault and configures a OneIdentity policy for storing the credentials that are pushed from Safeguard for Privileged Passwords. Accessing the credentials can be done using the Hashicorp vault CLI or the Hashicorp REST API. The credentials can then be used in other parts of a devops environment as needed. For more information, see KV Secrets Engine - Version 2: Writing/Reading arbitrary data.

  1. Get a list of all the accounts whose credentials have been pushed from Safeguard for Privileged Passwords and are available from the embedded vault, use the following command:

    vault kv list oneidentity

  2. Get the metadata and credential for a specified account, use the following command:

    vault kv get oneidentity/<account/key name>

Removing the Secrets Broker Vault

To remove the Secrets Broker Vault

  1. Open the Secrets Broker Vault settings page.

  2. Click the Secrets Broker Vault button in the Add-ons section.

  3. On the Add-on Settings dialog, click the Delete Add-on button to remove the Secrets Broker Vault.

  4. On the Delete Add-on dialog, click Delete Add-on.

    NOTE: Although not required, it is suggested that you leave the Restart Safeguard Secrets Broker for DevOps Service option selected. You can also use the Restart Secrets Broker option (accessed using the button) to manually perform the restart.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating