Developer SDKs
Sample code and SDK integration instructions for Keeper Secrets Manager

Overview

The Keeper Secrets Manager SDKs are purpose-built to provide extremely simple, fast and efficient access to Secrets Management functionality from all popular languages.

Installation

Java
JavaScript
Python
.Net
GoLang

Install With Gradle

Reference the maven repository:
1
repositories {
2
mavenCentral()
3
}
4
5
dependencies {
6
implementation 'com.keepersecurity.secrets-manager:core:16.3.1'
7
}
Copied!
More installation options can be found on the Java/Kotlin SDK page

Source Code

Find the Java source code in the GitHub repository

Install With NPM

npm install @keeper-security/secrets-manager-core

Source Code

Find the JavaScript source code in the GitHub repository

Install With PIP

pip3 install -U keeper-secrets-manager-core

Source Code

Find the Python source code in the GitHub repository

Install With DotNet

dotnet add package Keeper.SecretsManager

Source Code

Find the .Net source code in the GitHub repository

Install With Go

1
import (
2
ksm "github.com/keeper-security/secrets-manager-go/core"
3
klog "github.com/keeper-security/secrets-manager-go/core/logger"
4
)
Copied!

Source Code

Find the Go source code in the GitHub repository

Authentication

The Secrets Manager SDK authenticates to the Keeper Vault using either the One Time Access Token or using the generated keys within the local configuration file. To generate one or more One Time Access Tokens from Commander CLI use the secrets-manager client add command.
1
$ keeper shell
2
3
... login ...
4
5
My Vault> secrets-manager client add --app MyApplication --unlock-ip
Copied!

Initialization

Secrets Manager SDKs utilize a configuration file to hold connection tokens and settings. These examples show how to create a config file using the SDKs and a One-Time Access Token.
For information on other ways to create a config file, see the Config File documentation.
Java
JavaScript
Python
.Net
GoLang
1
import com.keepersecurity.secretsManager.core.*;
2
import static com.keepersecurity.secretsManager.core.SecretsManager.*;
3
4
public class KSMSample {
5
6
public static void main(String[] args){
7
// oneTimeToken is used only once to initialize the storage
8
// after the first run, subsequent calls will use ksm-config.json
9
String oneTimeToken = "[ONE TIME TOKEN]";
10
KeyValueStorage storage = new LocalConfigStorage("ksm-config.json");
11
try {
12
// after the first run, this line can be removed
13
initializeStorage(storage, oneTimeToken);
14
15
SecretsManagerOptions options = new SecretsManagerOptions(storage);
16
} catch (Exception e) {
17
System.out.println(e.getMessage());
18
}
19
20
// Rest of the code using `options`
21
}
22
}
Copied!
1
const {
2
getSecrets,
3
initializeStorage,
4
localConfigStorage,
5
downloadFile,
6
updateSecret
7
} = require('@keeper-security/secrets-manager-core')
8
9
const oneTimeToken = '[One Time Access Token]'
10
11
const getKeeperRecords = async () => {
12
const storage = localConfigStorage("ksm-config.json")
13
await initializeStorage(storage, oneTimeToken)
14
const {records} = await getSecrets({storage: storage})
15
console.log(records)
16
17
const firstRecord = records[0]
18
const firstRecordPassword = firstRecord.data.fields.find(x => x.type === 'password')
19
console.log(firstRecordPassword.value[0])
20
}
21
22
getKeeperRecords().finally()
Copied!
1
from keeper_secrets_manager_core import SecretsManager
2
from keeper_secrets_manager_core.storage import FileKeyValueStorage
3
4
oneTimeToken = "[One Time Access Token]"
5
6
secrets_manager = SecretsManager(
7
# One time tokens can be used only once - afterwards use the generated config file
8
token=oneTimeToken,
9
config=FileKeyValueStorage('ksm-config.json')
10
)
11
12
# Retrieve all password records (will also initialize config)
13
records = secrets_manager.get_secrets()
14
Copied!
1
using System;
2
using SecretsManager;
3
4
var oneTimeToken = "[One Time Access Token]";
5
var storage = new LocalConfigStorage("ksm-config.json");
6
try {
7
// One time tokens can be used only once - afterwards use the generated config file
8
SecretsManagerClient.InitializeStorage(storage, oneTimeToken);
9
var options = new SecretsManagerOptions(storage);
10
11
// Retrieve all password records (will also initialize config)
12
var records = (await SecretsManagerClient.GetSecrets(options)).Records;
13
Console.WriteLine(quot;Received {records.Length} record(s)");
14
15
// get the password from the first record
16
var firstRecord = records[0];
17
var password = records[0].FieldValue("password").ToString();
18
Console.WriteLine(quot;Password: {password}");
19
} catch (Exception e) {
20
Console.WriteLine(e);
21
}
Copied!
1
package main
2
3
// Import Secrets Manager
4
import ksm "github.com/keeper-security/secrets-manager-go/core"
5
6
func main() {
7
8
onetimeAccessCode := "[One Time Access Token]"
9
10
options := &ksm.ClientOptions{
11
// One time tokens can be used only once - afterwards use the generated config file
12
Token: onetimeAccessCode,
13
Config: ksm.NewFileKeyValueStorage("ksm-config.json")}
14
15
sm := ksm.NewSecretsManager(options)
16
17
// Retrieve all password records (will also initialize config)
18
allRecords, _ := sm.GetSecrets([]string{})
19
20
// Get password from first record:
21
22
firstRecord := allRecords[0]
23
24
firstRecordPassword := firstRecord.Password()
25
26
print("Password: [", firstRecordPassword, "]")
27
}
Copied!
After a config file has been initialized, the One-Time Access Token should be removed from code
This initialization code will create a configuration file on the device local storage.
Field
Description
hostname
The destination host where your Enterprise tenant is located:
  • keepersecurity.com
  • keepersecurity.eu
  • keepersecurity.com.au
  • govcloud.keepersecurity.us
token
One Time Access Token generated from Commander or Vault UI
config
Filename to store the local config
After initialization, the config file will contain a few more generated keys:
Config Name
Description
appKey
Application Private Key (AES-256)
clientID
Unique Client Device Identifier
privateKey
Client Device Private Key (ECC secp256r1)

Retrieve All Secrets

Java
JavaScript
Python
.Net
GoLang
1
import com.keepersecurity.secretsManager.core.*;
2
import static com.keepersecurity.secretsManager.core.SecretsManager.*;
3
import java.io.FileOutputStream;
4
5
public class KSMSample {
6
7
public static void main(String[] args){
8
// get pre-initialized storage
9
KeyValueStorage storage = new LocalConfigStorage("ksm-config.json");
10
try {
11
SecretsManagerOptions options = new SecretsManagerOptions(storage);
12
13
// get all available secrets
14
KeeperSecrets secrets = SecretsManager.getSecrets(options);
15
16
// print out record details
17
System.out.println(secrets.getRecords());
18
} catch (Exception e) {
19
System.out.println(e.getMessage());
20
}
21
}
22
}
Copied!
1
const {records} = await getSecrets({storage: storage})
Copied!
1
from keeper_secrets_manager_core import SecretsManager
2
from keeper_secrets_manager_core.storage import FileKeyValueStorage
3
4
secrets_manager = SecretsManager(
5
config=FileKeyValueStorage('ksm-config.json')
6
)
7
8
all_records = secrets_manager.get_secrets()
9
10
# print out all record JSON data
11
for record in all_records:
12
# record.print() # print record to STDOUT
13
print(record.uid + " - " + record.title)
14
print("\tLogin: " + record.field('login')[0])
15
print("\tPassword: " + record.field('password')[0])
16
Copied!
1
using System;
2
using System.Threading.Tasks;
3
using SecretsManager;
4
5
private static async Task retrieveAllSecrets()
6
{
7
// get pre-initialized storage
8
var storage = new LocalConfigStorage("ksm-config.json");
9
var options = new SecretsManagerOptions(storage);
10
11
// get all available secrets
12
var records = (await SecretsManagerClient.GetSecrets(options)).Records;
13
foreach (var record in records)
14
{
15
Console.WriteLine(record.RecordUid + " - " + record.Data.title);
16
foreach (var field in record.Data.fields)
17
{
18
Console.WriteLine("\t" + field.label + " (" + field.type + "): [" + String.Join(", ", field.value) + "]");
19
}
20
}
21
}
Copied!
1
package main
2
3
// Import Secrets Manager
4
import ksm "github.com/keeper-security/secrets-manager-go/core"
5
6
func main() {
7
8
options := &ksm.ClientOptions{
9
// One time tokens can be used only once - afterwards use the generated config file
10
Config: ksm.NewFileKeyValueStorage("ksm-config.json")}
11
12
sm := ksm.NewSecretsManager(options)
13
14
// Retrieve all password records (will also initialize config)
15
allRecords, _ := sm.GetSecrets([]string{})
16
17
for _, record := range allRecords {
18
println("UID", record.Uid, ", title [", record.Title(), "]")
19
}
20
}
Copied!
These examples assumes a Secrets Manager config file has already been initialized.
See the Initialization section for how to initialize a config file.

Retrieve One Individual Secret

In this example, the Record UID is XXX
Java
JavaScript
Python
.Net
GoLang
1
import com.keepersecurity.secretsManager.core.*;
2
import java.util.List;
3
4
public class KSMSample {
5
public static void main(String[] args){
6
// get pre-initialized storage
7
KeyValueStorage storage = new LocalConfigStorage("ksm-config.json");
8
try {
9
SecretsManagerOptions options = new SecretsManagerOptions(storage);
10
11
// create a filter with the UID of the record we want
12
List<String> uidFilter = List.of("[XXX]");
13
14
// fetch secrets with the filter
15
KeeperSecrets secrets = SecretsManager.getSecrets(options, uidFilter);
16
17
// get the desired secret from the fetch results
18
KeeperRecord myCredentials = secrets.getRecords().get(0);
19
20
// print out record details
21
System.out.println("Record UID: " + myCredentials.getRecordUid());
22
System.out.println("Title: " + myCredentials.getData().getTitle());
23
} catch (Exception e) {
24
System.out.println(e.getMessage());
25
}
26
}
27
}
Copied!
1
const {records} = await getSecrets({storage: storage}, ['XXX'])
Copied!
1
from keeper_secrets_manager_core import SecretsManager
2
from keeper_secrets_manager_core.storage import FileKeyValueStorage
3
4
secrets_manager = SecretsManager(
5
config=FileKeyValueStorage('ksm-config.json')
6
)
7
8
UID_FILTER = ['RECORD_UID']
9
10
record = secrets_manager.get_secrets(UID_FILTER)[0]
11
12
print(record.uid + " - " + record.title)
13
print("\tLogin: " + record.field('login')[0])
14
print("\tPassword: " + record.field('password')[0])
15
Copied!
With a secret retrieved, individual fields can be retrieved from the secret.
1
# Get a standard template field
2
login = record.field('login', single=True)
3
4
# Get a custom field, e.g. API Key
5
api_key = record.custom_field('API Key', single=True)
Copied!
1
using System;
2
using System.Threading.Tasks;
3
using SecretsManager;
4
5
private static async Task getOneIndividualSecret()
6
{
7
var storage = new LocalConfigStorage("ksm-config.json");
8
var options = new SecretsManagerOptions(storage);
9
var records = (await SecretsManagerClient.GetSecrets(
10
options, new[] { "XXX" })
11
).Records;
12
foreach (var record in records)
13
{
14
Console.WriteLine(record.RecordUid + " - " + record.Data.title);
15
foreach (var field in record.Data.fields)
16
{
17
Console.WriteLine("\t" + field.label + " (" + field.type + "): [" + String.Join(", ", field.value) + "]");
18
}
19
}
20
}
Copied!
1
package main
2
3
// Import Secrets Manager
4
import ksm "github.com/keeper-security/secrets-manager-go/core"
5
6
func main() {
7
8
options := &ksm.ClientOptions{
9
// One time tokens can be used only once - afterwards use the generated config file
10
Config: ksm.NewFileKeyValueStorage("ksm-config.json")}
11
12
sm := ksm.NewSecretsManager(options)
13
14
// Retrieve one individual record by UID (will also initialize config)
15
allRecords, _ := sm.GetSecrets([]string{"[Record UID]"})
16
17
for _, record := range allRecords {
18
println("UID", record.Uid, ", title [", record.Title(), "]")
19
}
20
}
Copied!
These examples assumes a Secrets Manager config file has already been initialized.
See the Initialization section for how to initialize a config file.

Retrieve a Password

Example to retrieve an individual record password field.
In this example, the Record UID is XXX
Java
JavaScript
Python
.Net
GoLang
1
import com.keepersecurity.secretsManager.core.*;
2
import java.util.List;
3
4
public class KSMSample {
5
public static void main(String[] args){
6
// get pre-initialized storage
7
KeyValueStorage storage = new LocalConfigStorage("ksm-config.json");
8
try {
9
SecretsManagerOptions options = new SecretsManagerOptions(storage);
10
11
// create a filter with the UID of the record we want
12
List<String> uidFilter = List.of("XXX");
13
14
// fetch secrets with the filter
15
KeeperSecrets secrets = SecretsManager.getSecrets(options, uidFilter);
16
17
// get the desired secret from the fetch results
18
KeeperRecord myCredentials = secrets.getRecords().get(0);
19
20
// get and print out password
21
String pwd = myCredentials.getPassword();
22
System.out.println("Password from Keeper: " + pwd);
23
} catch (Exception e) {
24
System.out.println(e.getMessage());
25
}
26
}
27
}
Copied!
1
secret.data.fields.find(x => x.type === 'password')
Copied!
1
from keeper_secrets_manager_core import SecretsManager
2
from keeper_secrets_manager_core.storage import FileKeyValueStorage
3
4
secrets_manager = SecretsManager(
5
config=FileKeyValueStorage('ksm-config.json')
6
)
7
8
# Get an individual secret by UID
9
UID_FILTER = 'XXX'
10
secret = secrets_manager.get_secrets([UID_FILTER])[0]
11
12
# Get a password from the secret
13
secret.field('password', single=True)
Copied!
1
using System;
2
using System.Threading.Tasks;
3
using SecretsManager;
4
5
private static async Task retrieveAPassword()
6
{
7
var storage = new LocalConfigStorage("ksm-config.json");
8
var options = new SecretsManagerOptions(storage);
9
var records = (await SecretsManagerClient.GetSecrets(
10
options, new[] { "XXX" })
11
).Records;
12
foreach (var record in records)
13
{
14
// retrieve "password" field
15
var passwordVal = record.FieldValue("password");
16
17
Console.WriteLine(record.RecordUid + " - " + record.Data.title + " - password=[" + passwordVal + "]");
18
}
19
}
Copied!
1
package main
2
3
// Import Secrets Manager
4
import ksm "github.com/keeper-security/secrets-manager-go/core"
5
6
func main() {
7
8
options := &ksm.ClientOptions{
9
// One time tokens can be used only once - afterwards use the generated config file
10
Config: ksm.NewFileKeyValueStorage("ksm-config.json")}
11
12
sm := ksm.NewSecretsManager(options)
13
14
// Retrieve all records (will also initialize config)
15
allRecords, _ := sm.GetSecrets([]string{})
16
17
for _, record := range allRecords {
18
passwordMethod1 := record.Password()
19
//passwordMethod2 := record.GetFieldValueByType("password") // retrieve password by accessing field
20
println("UID", record.Uid, ", Password [", passwordMethod1, "]")
21
}
22
}
Copied!
These examples assumes a Secrets Manager config file has already been initialized.
See the Initialization section for how to initialize a config file.

Download a File Attachment

Java
JavaScript
Python
.Net
GoLang
1
import com.keepersecurity.secretsManager.core.*;
2
3
import java.io.FileOutputStream;
4
import java.util.List;
5
6
public class KSMSample {
7
public static void main(String[] args){
8
// get pre-initialized storage
9
KeyValueStorage storage = new LocalConfigStorage("ksm-config.json");
10
try {
11
SecretsManagerOptions options = new SecretsManagerOptions(storage);
12
13
// create a filter with the UID of the record we want
14
List<String> uidFilter = List.of("XXX");
15
16
// fetch secrets with the filter
17
KeeperSecrets secrets = SecretsManager.getSecrets(options, uidFilter);
18
19
// get the desired secret from the fetch results
20
KeeperRecord myCredentials = secrets.getRecords().get(0);
21
22
// get a file reference by filename from the record
23
KeeperFile file = myCredentials.getFileByName("acme.cer");
24
25
// download the file
26
byte[] fileBytes = SecretsManager.downloadFile(file);
27
String filename = file.getData().getName();
28
FileOutputStream fos = new FileOutputStream(filename);
29
fos.write(fileBytes);
30
System.out.println("Downloaded File: " + filename);
31
} catch (Exception e) {
32
System.out.println("KSM ran into an problem: " + e.getMessage());
33
}
34
}
35
}
Copied!
1
const file = firstRecord.files.find(x => x.data.name === 'acme.cer')
2
if (file) {
3
const fileBytes = await downloadFile(file)
4
fs.writeFileSync(file.data.name, fileBytes)
5
}
Copied!
1
from keeper_secrets_manager_core import SecretsManager
2
from keeper_secrets_manager_core.storage import FileKeyValueStorage
3
4
secrets_manager = SecretsManager(
5
config=FileKeyValueStorage('ksm-config.json')
6
)
7
8
# Get an individual secret by UID
9
UID_FILTER = 'XXX'
10
secret = secrets_manager.get_secrets([UID_FILTER])[0]
11
12
# Save all files to a /tmp folder (create folder if does not exist)
13
for file in secret.files:
14
print("file: %s" % file)
15
file.save_file("/tmp/" + file.name, True)
Copied!
1
using System;
2
using System.IO;
3
using System.Threading.Tasks;
4
using SecretsManager;
5
6
private static async Task downloadAFileAttachment()
7
{
8
var storage = new LocalConfigStorage("ksm-config.json");
9
var options = new SecretsManagerOptions(storage);
10
11
// get record by UID
12
var records = (await SecretsManagerClient.GetSecrets(
13
options, new[] { "XXX" })
14
).Records;
15
foreach (var record in records)
16
{
17
// download the file from the 1st record
18
var file = record.GetFileByName("acme.cer");
19
if (file != null)
20
{
21
var fileBytes = SecretsManagerClient.DownloadFile(file);
22
// write bytes to the disc
23
await File.WriteAllBytesAsync(file.Data.name, fileBytes);
24
}
25
}
26
}
Copied!
1
package main
2
3
// Import Secrets Manager
4
import ksm "github.com/keeper-security/secrets-manager-go/core"
5
6
func main() {
7
8
options := &ksm.ClientOptions{
9
// One time tokens can be used only once - afterwards use the generated config file
10
Config: ksm.NewFileKeyValueStorage("ksm-config.json")}
11
12
sm := ksm.NewSecretsManager(options)
13
14
// Retrieve all password records (will also initialize config)
15
allRecords, _ := sm.GetSecrets([]string{"[Record UID]"})
16
17
for _, record := range allRecords {
18
19
// Search file by title
20
file := record.FindFileByTitle("[FILE TITLE]")
21
22
// get file from the array by its index
23
//file := record.Files[0]
24
25
// Safe file to the disc
26
file.SaveFile("/tmp/"+file.Name, true)
27
}
28
}
Copied!
These examples assumes a Secrets Manager config file has already been initialized.
See the Initialization section for how to initialize a config file.

Retrieve TOTP Codes

Java
JavaScript
Python
.Net
GoLang
1
import com.keepersecurity.secretsManager.core.*;
2
3
public class KSMSample {
4
public static void main(String[] args){
5
// get pre-initialized storage
6
KeyValueStorage storage = new LocalConfigStorage("ksm-config.json");
7
try {
8
SecretsManagerOptions options = new SecretsManagerOptions(storage);
9
10
// fetch secrets
11
KeeperSecrets secrets = SecretsManager.getSecrets(options);
12
13
// get the totp url from the desired secret
14
String totpUrl = Notation.getValue(secrets, "XXX/field/oneTimeCode");
15
16
// get TOTP code
17
TotpCode totpCode = TotpCode.uriToTotpCode(totpUrl);
18
System.out.println("TOTP: " + totpCode.getCode());
19
} catch (Exception e) {
20
System.out.println(e.getMessage());
21
}
22
}
23
}
Copied!
1
const url = getValue(secrets, `keeper://${record.recordUid}/field/oneTimeCode`)
2
let totp = await getTotpCode(url)
Copied!
1
from keeper_secrets_manager_core import SecretsManager
2
from keeper_secrets_manager_core.storage import FileKeyValueStorage
3
# Import TOTP Util
4
from keeper_secrets_manager_core.utils import get_totp_code
5
6
secrets_manager = SecretsManager(
7
config=FileKeyValueStorage('ksm-config.json')
8
)
9
10
# Get an individual secret by UID
11
UID_FILTER = 'XXX'
12
secret = secrets_manager.get_secrets([UID_FILTER])[0]
13
14
# Get a TOTP URL from the secret
15
url = secret.get_standard_field_value('oneTimeCode', True)
16
17
# Get a One Time Token from the secret's TOTP field
18
code, _, _ = get_totp_code(url)
Copied!
1
using System;
2
using System.Threading.Tasks;
3
using SecretsManager;
4
5
private static async Task retrieveTOTPCodes()
6
{
7
var storage = new LocalConfigStorage("ksm-config.json");
8
var options = new SecretsManagerOptions(storage);
9
10
// get record by UID
11
var records = (await SecretsManagerClient.GetSecrets(
12
options, new[] { "XXX" })
13
).Records;
14
foreach (var record in records)
15
{
16
17
// Retrieve QR/TOTP Code from the record
18
string totpUrl = record.FieldValue("oneTimeCode").ToString();
19
20
// Convert TOTP URI using KSM's built-in function
21
var totp = CryptoUtils.GetTotpCode(totpUrl);
22
23
Console.WriteLine("QR Code: [" + totp.Code + "]");
24
Console.WriteLine("Expire in: [" + totp.TimeLeft + "]");
25
Console.WriteLine("Total time interval: [" + totp.Period + "]");
26
}
27
}
Copied!
1
package main
2
3
// Import Secrets Manager
4
import ksm "github.com/keeper-security/secrets-manager-go/core"
5
6
func main() {
7
8
options := &ksm.ClientOptions{
9
// One time tokens can be used only once - afterwards use the generated config file
10
Config: ksm.NewFileKeyValueStorage("ksm-config.json")}
11
12
sm := ksm.NewSecretsManager(options)
13
14
// Retrieve all password records (will also initialize config)
15
allRecords, _ := sm.GetSecrets([]string{"[Record UID]"})
16
17
for _, record := range allRecords {
18
totpUrl := record.GetFieldValueByType("oneTimeCode")
19
totpCode, _ := ksm.GetTotpCode(totpUrl)
20
21
println("QR Code: [", totpCode.Code, "]")
22
println("Expire in: [", totpCode.TimeLeft, "]")
23
println("Total time interval: [", totpCode.Period, "]")
24
}
25
}
26
Copied!
These examples assumes a Secrets Manager config file has already been initialized.
See the Initialization section for how to initialize a config file.

Update a Password

Java
JavaScript
Python
.Net
GoLang
1
import com.keepersecurity.secretsManager.core.*;
2
import java.util.List;
3
4
public class KSMSample {
5
public static void main(String[] args){
6
// get pre-initialized storage
7
KeyValueStorage storage = new LocalConfigStorage("ksm-config.json");
8
try {
9
SecretsManagerOptions options = new SecretsManagerOptions(storage);
10
11
// create a filter with the UID of the record we want
12
List<String> uidFilter = List.of("XXX");
13
14
// fetch secrets with the filter
15
KeeperSecrets secrets = SecretsManager.getSecrets(options, uidFilter);
16
17
// get the desired secret from the fetch results
18
KeeperRecord myCredentials = secrets.getRecords().get(0);
19
20
//update the password and save changes to the record
21
myCredentials.updatePassword("aP1$t367QOCvL$eM$bG#");
22
SecretsManager.updateSecret(options, myCredentials);
23
24
} catch (Exception e) {
25
System.out.println(e.getMessage());
26
}
27
}
28
}
Copied!
1
// update the password on the first record
2
firstRecordPassword.value[0] = 'aP1$t367QOCvL$eM$bG#'
3
await updateSecret({storage: storage}, firstRecord)
Copied!
1
from keeper_secrets_manager_core import SecretsManager
2
from keeper_secrets_manager_core.storage import FileKeyValueStorage
3
4
secrets_manager = SecretsManager(
5
config=FileKeyValueStorage('ksm-config.json')
6
)
7
8
# Get an individual secret by UID
9
UID_FILTER = ['XXX']
10
record = secrets_manager.get_secrets(UID_FILTER)[0]
11
12
# Set the new password to the secret
13
record.set_standard_field_value('password', 'NewPassword123')
14
15
# Save the secret with changes to the Keeper Vault
16
secrets_manager.save(record)
17
Copied!
1
using System.Threading.Tasks;
2
using SecretsManager;
3
4
private static async Task updateAPassword()
5
{
6
var storage = new LocalConfigStorage("ksm-config.json");
7
var options = new SecretsManagerOptions(storage);
8
var records = (await SecretsManagerClient.GetSecrets(
9
options, new[] { "XXX" })
10
).Records;
11
foreach (var record in records)
12
{
13
// Setting new value to the "password" field
14
record.UpdateFieldValue("password", "NewP4$w0Rd");
15
16
// Persist field's new value to Keeper backend
17
await SecretsManagerClient.UpdateSecret(options, record);
18
}
19
}
Copied!
1
package main
2
3
// Import Secrets Manager
4
import ksm "github.com/keeper-security/secrets-manager-go/core"
5
6
func main() {
7
8
options := &ksm.ClientOptions{
9
// One time tokens can be used only once - afterwards use the generated config file
10
Config: ksm.NewFileKeyValueStorage("ksm-config.json")}
11
12
sm := ksm.NewSecretsManager(options)
13
14
// Retrieve all password records (will also initialize config)
15
allRecords, _ := sm.GetSecrets([]string{"[Record UID]"})
16
17
for _, record := range allRecords {
18
19
record.SetPassword("NewP4$w0Rd") // Set the new password to the secret
20
21
record.RawJson = ksm.DictToJson(record.RecordDict) // Since we will be sending JSON to the server, we need to set the
22
23
sm.Save(record) // Save the secret with changes to the Keeper Vault
24
}
25
}
Copied!

Generate a Password

Java
JavaScript
Python
.Net
GoLang
1
import com.keepersecurity.secretsManager.core.*;
2
import java.util.List;
3
import java.util.Arrays;
4
5
public class KSMSample {
6
public static void main(String[] args){
7
// get pre-initialized storage
8
KeyValueStorage storage = new LocalConfigStorage("ksm-config.json");
9
try {
10
SecretsManagerOptions options =