Vault integration
If your external system uses a vault provider to store sensitive credentials, you can use the Vault Service when onboarding a system. This allows you to retrieve credentials from an external vault rather than from local storage.
Prerequisites
- Install and configure the Vault service according to the Vault service instructions in the Getting Started section.
- Create the connection objects in the Vault connections view.
Onboard a system using a vault secret
-
Go to the page of the system you registered as explained here.
-
In System definition, click Connection details.
-
Click the icon Vault configuration next to the Password field.
-
When the Password dialog opens:
- Enter in Vault the data object created in Vault connections.
- Enter the Path to the secret on the vault.
- Optionally (if the secret is a part of a JSON object or a dictionary object), enter a Key to the secret.
-
Click Save to save your configuration and close the dialog.
Once you have saved, the parent Password field shows an arbitrary password and, on the subsequent server side call, Omada Identity retrieves the secret from the vault, encodes and stores it in the data connection object.
For more information about the Vault Service, refer to the Vault service instructions in the Getting Started section.