Phone Number +1-202-802-9399 (US)

SECRET SERVER FEATURE: Advanced Scripting

Integrate custom
and 3rd-party apps

1.

Overview of Advanced Scripting:

Automation of complex tasks is crucial for administrators and DevOps teams to eliminate human error and allow an organization to scale. Many applications require passwords or keys in order to access third-party APIs, databases, or external resources. Any complex automation build-out will require access to passwords or keys to call APIs and access data.

By integrating custom and third-party applications with Secret Server, you can avoid built-in application credentials and ensure proper control and management.

2.

Web Services API

Secret Server has both SOAP and REST web services APIs. These APIs can be integrated using .NET, Java, Python, Ruby, PowerShell scripting languages.

With the web services API you can build custom workflows, such as automatically creating secrets for new accounts, and tie DevOps build and deployment processes to stored accounts in Secret Server.

Learn more about API web services.

3.

Secret Server SDK

The SDK establishes secure access points so that power users can employ Secret Server’s robust API directly through the Command Line, without taking time away to enter privileged account passwords.

The SDK is a console application written in .NET Core that wires up its own credentials based on the machine it is installed on. Those credentials, or “DevOps Users,” don’t have any rights in Secret Server but can be assigned to other Secret Server users or application user accounts, essentially mimicking permissions in order to access secrets. This removes the widespread problem for DevOps team members to hard-code credentials into scripts and configuration files. Instead, the target system will be registered via IP address and added to an allow list, which will allow REST authentication without entering user credentials. The SDK client can be used to retrieve a REST user token for typical REST API use; alternatively, users can utilize the SDK client to perform direct queries against Secret Server.

Client System Requirements:

  • Must be running Secret Server 10.4

Types of Operating Systems:

  • win10-x64 (Windows 10)
  • centos-7-x64 (CentOS 7)
  • 7-x64 (Red Hat Enterprise 7)
  • 16.10-x64 (Ubuntu 16.10)
  • 10.12-x64 (Mac OS 10.12)

4.

Powershell Password Changing

With this feature, IT Admins can upload custom PowerShell scripts to gain greater flexibility for Dependencies and Check Out. They can then set the scripts to run as post-password change actions so applications that rely on the account can be updated or environmental changes can be made.

PowerShell scripts can also run as before and after Hooks when a Secret is checked out, and the Hooks can be used to guarantee that external systems are set to full audit when in use by a Secret Server user.

5.

Dependencies

Secret dependencies are items that rely on the username, password, or SSH private key stored in the secret. They are automatically updated when the secret’s password is changed, ensuring they are up to date with the account on which they depend. File dependencies allow text files with embedded credentials to be changed via Regex.

The supported dependency types are IIS application pools, IIS application pool recycle, scheduled tasks, windows services, passwords embedded in .ini, .config, and other text files. Custom dependencies can be created using SSH, PowerShell, or SQL scripts.

6.

Custom Ticket System Integration

Secret Server can integrate with your ticketing system via PowerShell. This integration includes validating ticket numbers, their status, and adding comments.

Secret Server can integrate with ServiceNow’s Incident and Change Management service. This integration includes validating ticket numbers, their status, and adding Work Detail items to the request. The integration with ServiceNow leverages the out-of-the-box REST-based Web services.

6.

DevOps Secrets Vault

If you have a complex DevOps environment that utilizes continuous integration/continuous delivery (CI/CD), try Thycotic DevOps Secrets Vault, a high-velocity vault capable of high-speed secrets creation, archiving, and retrieval. It automates secrets management via the command line or REST API and is built on an AWS serverless architecture. Dynamic secrets management delivered as a service empowers you to adopt modern DevOps principles easily, quickly and securely.

Learn more about DevOps Secrets Vault.

Start a Free 30 Day Trial of Secret Server

Choose your deployment option:
Cloud
On-premises
By completing this form you are opting into emails from Thycotic. You can unsubscribe at any time.