# Static Tokens
## Static Tokens
Connection Manager supports configuring custom static tokens which can correspond to a specific field of a specific Keeper Vault record contained within the Shared Folder. These static tokens must be specified in either the Docker compose or directly in the guacamole configuration file, depending on the installation method of the platform. In most cases, the Dynamic Tokens are a preferable method of integration.
### **Auto Docker Install Method**
If you installed Keeper Connection Manager using the Auto Docker Install method, you will need to modify the auto-generated Docker Compose file to define your static tokens.
As root, edit the `/etc/kcm-setup/docker-compose.yml` file.
Edit the "environment" section underneath the "guacamole" docker image. Insert an environmental variable called `KSM_TOKEN_MAPPING` that includes a multi-line definition of your custom tokens. In the example below, there are 3 custom tokens for specific fields within the Keeper vault shared folder. The token syntax is using [Keeper Notation](/keeperpam/secrets-manager/about/keeper-notation.md).
{% code overflow="wrap" lineNumbers="true" %}
```
guacamole:
image: xxx
restart: unless-stopped
volumes:
- common-storage:/var/lib/guacamole
environment:
ACCEPT_EULA: "Y"
GUACD_HOSTNAME: "guacd"
MYSQL_HOSTNAME: "db"
MYSQL_DATABASE: "guacamole_db"
MYSQL_USERNAME: "guacamole_user"
MYSQL_PASSWORD: "xxxxxxx"
KSM_CONFIG: "xxxxxxx"
KSM_TOKEN_MAPPING: |
MY_CUSTOM_SECRET: keeper://cps2OgKHpFQ8Ye30L9587w/field/password
MY_OTHER_CUSTOM_SECRET: keeper://sS6jDVv0HoM0yGMU4OaOAw/file/linuxssoconnect.pem
RDP_INITIAL_PROGRAM: keeper://cps2OgKHpFQ8Ye30L9587w/custom_field/program
```
{% endcode %}
Once the file changes have been saved, update the containers:
```
$ sudo ./kcm-setup.run upgrade
```
### Docker Compose Install Method
Edit your `docker-compose.yml` file. Look for the "guacamole" docker image and the "environment" section which defines environmental variables.
Insert an environmental variable called `KSM_TOKEN_MAPPING` that includes a multi-line definition of your custom tokens. In the example below, there are 3 custom tokens for specific fields within the Keeper vault shared folder. The token syntax is using [Keeper Notation](/keeperpam/secrets-manager/about/keeper-notation.md).
{% code overflow="wrap" lineNumbers="true" %}
```
guacamole:
image: xxx
environment:
ACCEPT_EULA: "Y"
GUACD_HOSTNAME: "guacd"
MYSQL_HOSTNAME: "db"
MYSQL_DATABASE: "guacamole_db"
MYSQL_USERNAME: "guacamole_user"
MYSQL_PASSWORD: "xxxxxxx"
KSM_CONFIG: "xxx"
KSM_TOKEN_MAPPING: |
MY_CUSTOM_SECRET: keeper://cps2OgKHpFQ8Ye30L9587w/field/password
MY_OTHER_CUSTOM_SECRET: keeper://sS6jDVv0HoM0yGMU4OaOAw/file/linuxssoconnect.pem
RDP_INITIAL_PROGRAM: keeper://cps2OgKHpFQ8Ye30L9587w/custom_field/program
```
{% endcode %}
Once the file changes have been saved, update the containers:
```
sudo su
docker-compose up -d
```
### Custom Token Usage
When using custom tokens, the records can be setup in any way. Keeper notation in the mapping file can identify any specified field.
The tokens can then be used with the ${*XXX*} format within the Connection Manager parameters screen. A couple of examples are seen below:
{% hint style="info" %}
The records must be in the shared folder that your Secrets Manager Application has access to.
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.keeper.io/keeper-connection-manager/vault-integration/static-tokens.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
