Creating and Managing Secrets

Adding a secret

1. Log in to Britive.
2. Click on Admin->Secrets Manager->Britive Vault.
3. Select the node where the secret needs to be created.
4. Click on the Secrets tab and click the Add Secret button or select Add Secret from the overflow menu of a particular node.
5. Enter the following on the Add Secret page:
   1. Enter the Secret Name.
   2. Enter the Description (Optional).
   3. Select the Secret Type from the drop-down list of secret templates. For more information about creating a secret template, see Creating and Managing Static Secret Templates.
   4. Enter the secret details that are based on the selected secret type. For Example,
      • If the secret type is selected as GenericWebApp, you must enter the URL(Optional), Username, and Password as the secret details.
      • If the secret type is selected as a file template, you need to upload the file as a secret. The file size should be less than or equal to 400KB.
      • If the secret type is based on a template using an OTP Seed, you need to enter either a QR code or a Setup Key. This is used only in case of applications that have configured MFA authentication. You can select one of the following: 
        • QR Code: Upload a file containing a QR code. QR code is acquired from the source application when MFA authentication is enabled. The file size limit is 400 KB.
        • Setup Key: Enter the Setup key value. 
      • If the secret type is based on a template using Recovery keys, you need to enter the recovery keys/backup codes generated by the source application.
   5. Enter or generate the Password. You have the option to let the system generate a password, or you can enter a password. The password should strictly match the criteria specified in the password policy of the selected secret template.
   6. Click Save.

Managing Secrets

You can edit secret details, move secrets to a different node or delete secrets.

1. Log in to Britive.
2. Click on Admin->Secrets Manager->Britive Vault.
3. Click on the Secrets tab.
4. Select the secret and choose the Action. 
   1. Manage Secret:
      • Click Edit to update the secret details, including the secret name. You can edit the secret details based on the selected secret template. For example, if you are using a file as a secret, you can download the secret file. You also have the option to reset the secret details. Click Save. If Step-up Verification is configured while configuring the secrets policy, you must select the preferred authentication method to view and edit the secret. For more information about configuring step-up verification for secrets policy, see Secrets Policies. If WebAuthn authentication is configured, a user is prompted with a WebAuthn verification popup. In the same way, if only the OTP is configured, it prompts for the OTP. To register a verification device, see User Settings. 
        • For WebAuthn: Click Edit Secret with WebAuthn and complete the verification process on your registered device.
        • For OTP: Enter the OTP from the authentication app and click Edit Secret with OTP.
          Note:

          Renaming or moving a secret to a different node/path cancels the pending approvals. You need to send an approval request again to gain access.

          
          
      • Click Delete to delete the secret.
   2. Delete Secret: Delete the secret.
   3. Move Secret: Moves a secret from its current node to a different node or path. Select the secret you want to move and click the Move Secret action. On the Move Secret window, select the desired node and click the Move button. Only policies directly associated with the secret are transferred to the new node. Any inherited policy accesses from the original parent nodes are discarded, and the secret inherits access permissions from the new parent node(s), if applicable.