Support generating password on new Secret #252
chrisallennc
started this conversation in
Ideas
Replies: 1 comment
-
|
I'd like to second this. The OP mentions it can be done via SOAP, but it's in the REST documentation as well using a PUSH method to "/api/v1/secret-templates/generate-password/{secretfieldId}". |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Currently through the module there appears no way to generate a password (using the password policy for that field/template) before/when the Secret is created. You can't do it until the Secret has been created and you have an ID. Could this be added? Using the GUI you can do this. The REST API appears to provide an option to have the ability to do this via https://updates.thycotic.net/secretserver/restapiguide/10.9/WinAuth/#operation--secret-templates-generate-password--secretfieldId--post. This is definitely possibly through the SOAP API using /winauthwebservices/sswinauthwebservice.asmx?op=GeneratePassword.
You would provide the field ID on the template which generates a password per the policy. You then set that password to the value of the password field on the SecretStub. For now you have to do something like this, providing a placeholder password until the new one is generated:
$newSecret = Get-TssSecretStub -TssSession $tssSession -SecretTemplateId $secretTemplate.Id
$folder = Get-TssFolder -TssSession $tssSession -FolderPath $secretPath
$newSecret.FolderId = $folder.Id
$newSecret.Name = $name
$newSecret.SetFieldValue('notes','Created using PowerShellModule"')
$newSecret.SetFieldValue('password','testpw')
$secret = New-TssSecret -TssSession $tssSession -SecretStub $newSecret
$generatedPassword = Invoke-TssSecretGeneratePassword -TssSession $tssSession -Id $secret.SecretId -Slug "password"
Set-TssSecretField -TssSession $tssSession -Id $secret.SecretId -Slug 'password' -Value $generatedPassword
Where instead you'd do something like this:
$newSecret = Get-TssSecretStub -TssSession $tssSession -SecretTemplateId $secretTemplate.Id
$folder = Get-TssFolder -TssSession $tssSession -FolderPath $secretPath
$newSecret.FolderId = $folder.Id
$newSecret.Name = $name
$newSecret.SetFieldValue('notes','Created using PowerShellModule"')
New Function "Get-TSSTemplateGeneratedPassword" (or whatever you want to call it) below:
$generatedPassword = Get-TSSTemplateGeneratedPassword -TssSession $tssSession -SecretTemplateFieldId
$newSecret.SetFieldValue('password', $generatedPassword)
$secret = New-TssSecret -TssSession $tssSession -SecretStub $newSecret
This is really helpful for templates with significant password complexity since that's all managed inside the application and you'd be getting a password generated from there.
Beta Was this translation helpful? Give feedback.
All reactions