Detailed Java and Kotlin SDK docs for Keeper Secrets Manager
Find the Java/Kotlin source code in the GitHub repository
Using token only to generate a new config (for later usage) requires at least one read operation to bind the token and fully populate config.json
In order to retrieve secrets, you must first initialize the local storage on your machine.
Response
Type: KeeperSecrets
Object containing all Keeper records, or records that match the given filter criteria
Example Usage
Retrieve all Secrets
Retrieve one secret by UID
Example Usage
This shortcut gets the password of a secret once that secret has been retrieved from Keeper Secrets Manager.
To get a field value, you will need to cast the return to the class of the corresponding field type. For a list of field types see the Record Types page.
Keeper Notation
See Keeper Notation documentation to learn about Keeper Notation format and capabilities
Record update commands don't update local record data on success (esp. updated record revision) so any consecutive updates to an already updated record will fail due to revision mismatch. Make sure to reload all updated records after each update batch.
Update Secret
Update Secret is used to save changes made to a secret. Once updateSecret is performed successfully, the changes are reflected in the Keeper Vault.
Update Password
Update other fields
Each record field type is represented by a class. Cast the field to the corresponding class in order to correctly access the field's value. Check the Record Types documentation for a list of field types.
Fields can have multiple values, which is accessed in a List. In this example we are updating the login field, which only accepts one value, so we update the one value in the values list.
Each parameter indicates the min number of a type of character to include. For example, 'uppercase' indicates the minimum number of uppercase letters to include.
Response
Type: ByteArray
ByteArray of file for download
Response
Type: ByteArray
ByteArray of thumbnail for download
Upload File:
Creating the Keeper File Upload Object:
Example Usage
Shared folder UID
Shared folder must be accessible by the Secrets Manager Application
You and the Secrets Manager application must have edit permission
There must be at least one record in the shared folder
Created records and record fields must be formatted correctly
See the documentation for expected field formats for each record type
TOTP fields accept only URL generated outside of the KSM SDK
After record creation, you can upload file attachments using uploadFile
This example creates a login type record with a login value and a generated password.
Replace '[FOLDER UID]
' in the example with the UID of a shared folder that your Secrets Manager Application has access to.
This example creates a record with a custom record type.
Replace '[FOLDER UID]
' in the example with the UID of a shared folder that your Secrets Manager Application has access to.
The Java/Kotlin KSM SDK can delete records in the Keeper Vault.
To protect against losing access to your secrets when network access is lost, the Java SDK allows caching of secrets to the local machine in an encrypted file.
Setup and Configure Cache
In order to setup caching in the Java SDK, include a caching post function as the second argument when instantiating aSecretsManagerOptions
object.
The Java SDK includes a default caching function cachingPostFunction
which stores cached queries to a file.
Folders have full CRUD support - create, read, update and delete operations.
Downloads full folder hierarchy.
Response
Type: List<KeeperFolder>
Example Usage
Requires CreateOptions
and folder name to be provided. The folder UID parameter in CreateOptions
is required - UID of a shared folder, while sub-folder UID is optional and if missing new regular folder is created directly under the parent (shared folder). There's no requirement for the sub-folder to be a direct descendant of the parent shared folder - it could be many levels deep.
Example Usage
Updates the folder metadata - currently folder name only.
Example Usage
Removes a list of folders. Use forceDeletion
flag to remove non-empty folders.
When using forceDeletion avoid sending parent with its children folder UIDs. Depending on the delete order you may get an error - ex. if parent force-deleted child first. There's no guarantee that list will always be processed in FIFO order.
Any folders UIDs missing from the vault or not shared to the KSM Application will not result in error.
Example Usage
Parameter | Type | Required | Description |
---|---|---|---|
Parameter | Type | Required | Default |
---|---|---|---|
Parameter | Type | Required | Description |
---|---|---|---|
Parameter | Type | Required | Description |
---|---|---|---|
Parameter | Type | Required | Default |
---|---|---|---|
Parameter | Type | Required | Default |
---|---|---|---|
Parameter | Type | Required |
---|---|---|
Parameter | Type | Required | Default | Description |
---|---|---|---|---|
Parameter | Type | Required | Default | Description |
---|---|---|---|---|
Parameter | Type | Required | Default | Description |
---|---|---|---|---|
Parameter
Type
Required
Default
Description
storage
KeyValueStorage
Yes
clientKey
String
Optional
null
hostName
String
Optional
null
Parameter
Type
Required
Default
Description
options
SecretsManagerOptions
Yes
Storage and query configuration
recordsFilter
List<String>
Optional
Empty List
Record search filters
recordTitle
String
Yes
Record title to search for
Parameter
Type
Required
Default
Description
secret
KeeperRecord
Yes
Record to get field value from
query
String
Yes
Dot notation query of desired field
Parameter
Type
Required
Default
Description
url
String
Yes
TOTP Url
Parameter
Type
Required
Default
Description
options
SecretsManagerOptions
Yes
Storage and query configuration
recordToUpdate
KeeperRecord
Yes
Record to update
Parameter
Type
Required
Default
Description
password
String
Yes
New password to set
length
int
Optional
64
lowercase
int
Optional
0
uppercase
int
Optional
0
digits
int
Optional
0
specialCharacters
int
Optional
0
Parameter
Type
Required
Default
Description
file
KeeperFile
Yes
File to download
Parameter
Type
Required
Default
Description
file
KeeperFile
Yes
File with thumbnail to download
options
SecretsManagerOptions
Yes
Storage and query configuration
ownerRecord
KeeperRecord
Yes
The record to attach the uploaded file to
file
KeeperFileUpload
Yes
The File to upload
name
string
Yes
What the name of the file will be in Keeper once uploaded
title
string
Yes
What the title of the file will be in Keeper once uploaded
type
string
Optional
The mime type of data in the file. 'application/octet-stream' will be used if nothing is given
data
ByteArray
Yes
File data as bytes
options
SecretsManagerOptions
Yes
folderUid
String
Yes
newRecordData
KeeperRecordData
Yes
secrets
KeeperSecrets
Optional
Freshly fetched list of all secrets from the Keeper servers
options
SecretsManagerOptions
Yes
createOptions
CreateOptions
Yes
newRecordData
KeeperRecordData
Yes
folders
KeeperFolder[]
Optional
Freshly fetched list of all folders from the Keeper servers
smOptions
SecretsManagerOptions
Yes
recordUids
List<Sting>
Yes
options
SecretsManagerOptions
Yes
Preconfigured options
createOptions
CreateOptions
Yes
The parent and sub-folder UIDs
folderName
String
Yes
The Folder name
folders
List<KeeperFolder>
No
List<KeeperFolder>
List of folders to use in the search for parent and sub-folder from CreateOptions
options
SecretsManagerOptions
Yes
Preconfigured options
folderUid
String
Yes
The folder UID
folderName
String
Yes
The new folder name
folders
List<KeeperFolder>
No
List<KeeperFolder>
List of folders to use in the search for parent folder
options
SecretsManagerOptions
Yes
Preconfigured options
folderUids
List<String>
Yes
The folder UID list
forceDeletion
Boolean
No
false
Force deletion of non-empty folders
Description of each accessible field type Class in the Keeper Secrets Manager Java SDK
Use the getField
function to access record fields.
The 'FIELD_TYPE' needs to be a class from the list below.
All Record Fields extend the KeeperRecordField class, and contain a lbl field
Name
Type
Required
Default
lbl
String
No
null
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
enforceGeneration
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
first
String
No
null
middle
String
No
null
last
String
No
null
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<Name>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<Long>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<Long>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<Long>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
question
String
No
null
answer
String
No
null
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<SecurityQuestion>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
Label
String
No
null
required
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
region
String
No
null
number
String
No
null
ext
String
No
null
type
String
No
null
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
List<Phone>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
value
List<String>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
List<String>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
List<String>
Yes
Name
Type
Required
Default
cardNumber
String
No
null
cardExpirationDate
String
No
null
cardSecurityCode
String
No
null
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<PaymentCard>)
Yes
Name
Type
Required
Default
accountType
String
No
null
routingNumber
String
No
null
accountNumber
String
No
null
otherType
String
No
null
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<BankAccount>)
Yes
Name
Type
Required
Default
publicKey
String
no
null
privateKey
String
no
null
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<KeyPair>
Yes
Name
Type
Required
Default
hostName
String
No
null
port
String
No
null
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<Host>
Yes
Name
Type
Required
Default
street1
String
No
null
street2
String
No
null
city
String
No
null
state
String
No
null
county
String
No
null
zip
String
No
null
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<Address>
Yes
Name
Type
Required
Default
label
String
No
null
required
Boolean
No
null
privacyScreen
Boolean
No
null
value
MutableList<String>
Yes
Name
Type
Required
Default
title
String
Yes
name
String
Yes
type
String
Yes
size
Long
Yes
lastModified
Long
Yes