Secret Server Feature: API Web Services
Integrate custom and third party applications with Secret Server
Make Secret Server part of your application ecosystem wherever privileged passwords are needed by using simple APIs.
What’s the challenge?
Many applications require passwords or keys in order to access third-party APIs, databases, or external resources. By integrating these applications with the Secret Server API you can avoid built-in application credentials and ensure proper control and management of these accounts.
Why it’s important
Automation of complex tasks is crucial for Administrators and DevOps teams to eliminate human error and allow the organization to scale. Any complex automation build-out will require access to passwords or keys to call APIs and access data.
How this feature solves it
You can build out custom workflows using your favorite scripting language with the Secret Server API to eliminate passwords embedded in scripts and build tasks. Secret Server has both SOAP and REST web services APIs, and can be integrated using any programming language, such as .NET, Java, Python, Ruby, PowerShell, etc.
The API enables different teams to secure their privileged accounts and ensures that all sensitive credentials are stored and managed in Secret Server. DevOps can integrate their provisioning scripts to automatically create Secrets for new accounts. Developers can tie their build and deployment processes to use stored accounts in Secret Server.
TRY IT FREE FOR 30 DAYS. It’s fast to install and easy to use!
Start your free trial of Secret Server using the trial form.
View Secret Server’s full list of user-friendly features.
Do you have a complex DevOps environment?
If you have a complex DevOps environment that utilizes continuous integration/continuous delivery (CI/CD), we offer DevOps Secrets Vault, a high-velocity vault capable of high-speed secrets creation, archiving, and retrieval. It automates secrets management via the command line or REST API and is built on an AWS serverless architecture. DevOps Secrets Vault centralizes management, enforces access, and provides automated logging trails. Now you can minimize privileged account sprawl and harden your attack surface to lower the risk of attack without sacrificing productivity. Dynamic secrets management delivered as a service empowers you to adopt modern DevOps principles easily, quickly and securely. Learn more about DevOps Secrets Vault.
Additional API Information
What you can do with the Web Services API:
- Authenticate to Secret Server
- Search for Secrets
- Save new Secrets
- Edit existing Secrets
- Create Folders
- Set Permissions on Secrets and Folders
- And more…
View API examples and guides in our developer resources portal
Security in the API
Access Web Service using SSL to ensure the communication channel is secure. Secret Server uses a token-based authentication mechanism which makes Web Service requests easier as the authentication occurs as a separate step, and then the token is passed to each method. This token has a limited lifespan depending on the configuration determined by the administrator of the Secret Server.
- View a sample Perl script used to access the Web Services.
- View a sample PHP script used to access the Web Services.
- Access Secret Server Web Service using a PowerShell script with Windows Authentication
- Access Secret Server Web Service using a sample C# script
- Access Secret Server REST Web Services using PowerShell