Applications
Secrets Manager Applications with KeeperPAM
Last updated
Was this helpful?
Secrets Manager Applications with KeeperPAM
Last updated
Was this helpful?
A Secrets Manager Application allows a machine or device to communicate with the Keeper vault, retrieve assigned records and decrypt the data.
Folders are shared to the application, similar to how users are folders are shared to users. This gives the application the capability of accessing and decrypting the records in the folder.
From the Keeper Vault, go to Secrets Manager and click on Create Application.
The Application Name typically represents the use case or environment where it is being used
The Folder selected is where the application is assigned. An application can be added to any number of shared folders.
Record permissions give the application either read-only or read/write access to the folder. This is an additional restriction on top of the existing shared folder permissions.
Click on Generate Access Token to create the first access token, representing the first device
If you don't plan to set up a device yet, the first access token can be discarded
When creating an application, a one-time access token for the first Device is provided. This one-time access token is supplied to the 3rd party system, Keeper Secrets Manager SDK, Keeper Secrets Manager CLI or other device which needs to access information from the vault.
After creating the application, it is managed from the Secrets Manager screen. You can then assign additional devices or Keeper Gateways.
Applications can be added to new or existing Shared Folders.
Edit the Shared Folder to assign the application.
By assigning the Application to shared folders, the application's devices can send Keeper Secrets Manager API requests to the Keeper vault to access and manage the records assigned. There are many use cases where a device can use Keeper Secrets Manager APIs to communicate with the Keeper vault. Below are a few examples.
Keeper Gateways are created and associated to an application. To create a new Gateway, open the application and click on the "Gateways" tab. Select "Provision Gateway" to create a Gateway.
Alternatively, Keeper provides a wizard that creates several components at once, and automatically links everything together. From the main vault screen, select "Create New" then "Gateway".
The "Project Name" is used to create a PAM Configuration, Gateway, Application and optionally a set of example folders and records.
