Configuring Password Vault

Use the password vault configuration page to enable and configure the Password Vault API. The configuration page provides an interface for storing username and password credentials in an encrypted format for each configured resource.

About this task

IBM® Security Verify Access provides a password vault API that provides username and password single sign-on (SSO) capabilities for a specified list of resources. The following configuration options allow the functionality to be managed:
Enable password vault
Turn the password vault API on or off.
Resources
Specify the list of resources for which the password vault API will be invoked.
Data Location
Specify the storage location for the username and password information. This can be either the runtime database or the traditional GSO lock-box.
Public Key
Optionally specify a certificate from the rt_profile_keys key database that will be used to generate a JWE from the password.
Admin Group
Specify the group that is used to allow admin privileges for a user. For example, "adminGroup".

Procedure

  1. Log in to the local management interface.
  2. From the top menu, select AAC > Manage > Password Vault Configuration.
    The current password vault configuration is shown.
  3. To update the configuration, modify the values as required.
  4. Click Save to save any configuration changes.