Managing and using secrets

Edit online

Secrets store sensitive values and can be used in Common Expression Language (CELx) expressions.

Before you begin

  • You must have administrative permission to complete this task.
  • Log in to the IBM® Verify administration console as an Administrator.

About this task

Note: The secrets in CELx expressions (VDEV_66277) can be enabled upon request. To request this feature, contact your IBM Sales representative or IBM contact and indicate your interest in enabling this capability. If you have permission to create a support ticket, create a support ticket with the feature name "secrets in CELx expressions". IBM Verify trial subscriptions cannot create support tickets.
You can perform the following tasks:
  • Create secrets and secret groups .
  • Edit secrets and secret groups .
  • Delete secrets and secret groups.
  • Use secrets in CELx expressions.

Procedure

  1. Select Security > Secrets.
  2. Create a secret group.
    1. Select the Secret groups tab.
    2. Select Create secret group and provide the secret group details.
      Table 1. Secret group details
      Field Description
      Secret group name The name of the secret group.
      Description Optional. The description of the secret group.
    3. Select Create.
  3. Create a secret.
    1. Select the Secrets tab.
    2. Select Create secret and provide the secret details.
      Table 2. Secret details
      Field Description
      Secret name The name of the secret.
      Secret group The group that the secret belongs to.
      Secret value The value of the secret.
      Description Optional. The description of the secret.
      Note: If no secret groups are created, the secret is assigned to the default secret group. A secret can be assigned to one group only. After creation, a secret cannot be reassigned to a different group. Secret groups can have multiple secrets assigned to them.
    3. Select Create.
    The usage pattern for CEL scripts is displayed. You can later see the usage pattern for the secret by selecting Options > Usage pattern.
  4. Edit a secret or a secret group.
    1. For the secret you want to edit, select Options > Edit
      You cannot change the secret name or the secret group. You can change the secret value and the description.
    2. Select Save.
    3. For the secret group you want to edit, select Options > Edit
      You cannot change the secret group name. You can change the description.
    4. Select Save.
  5. Delete a secret.
    1. Select the Secrets tab.
    2. Select Options > Delete on the desired secret group.
    3. Select Delete to confirm that you want to delete the secret.
    The secret is removed from the list and from any secret groups.
  6. Delete a secret group.
    All secrets that belong to the secret group must be removed before the group can be deleted.
    1. Select the Secret groups tab.
    2. For the group you want to delete, select Options > List secrets to verify whether any secrets exist for the group.
    3. Select Options > Delete on the desired secret group.
    4. Select Delete to confirm that you want to delete the group.
  7. Use a secret in a CELx expression.
    • To use a secret from the default group in a CELx expression, use the function secrets.Get("<secret name>").
    • To use a secret from any group in a CELx expression, use the function secrets.Get("<secret group>", "<secret name>").
    You can see the usage pattern for the secret by selecting Options > Usage pattern .