Subscribe

UiPath Process Mining

The UiPath Process Mining Guide

Set up a Credential Store

Introduction

The credential store provides a way to use passwords without exposing these to developers.

The server administrator is responsible for setting up the credential store and filling it with passwords. The server administrator should provide a list of available credentials to developers. These developers can use the identifier of a password.

There are two available ways to store passwords:

  • a json file on disk;
  • in the Azure Key Vault.

📘

Note

You can only use one of the methods simultaneously.

Prerequisites

An Azure environment should be available for Azure Key Vault.

Setting up a file-based credential store

The file-based credential store is a json file that resides on disk, called credential_store.json. This file must contain a single object, containing a set of key-value pairs, where:

  • key is the identifier that developers should use,
  • value contains the actual password.

Follow these steps to create a file-based credential store containing one password, with PasswordIdentifer as an identifier.

Step

Action

1

Create a new text file in the <PLATFORMDIR>\databases with the name credential_store.json.

2

Open credential_store.json using a text editor.

3

Enter the following information in the file:

{
"PasswordIdentifier": "s3cr3tp4ssw0rd"
}

4

Save the file.

5

Go to the Superadmin Settings tab.

6

Add the following entry to the Server settings:

"CredentialStore": {
"Type" : "File"
}

The identifier PasswordIdentifier can now be used by developers and, when used, will result in the password s3cr3tp4ssw0rd.

Below is an example of a credential_store.json file for a credential store with multiple passwords.

{
      "passwordIdentifier": "secr3tp4ssw0rd"
    , "ldapServerPassword": "BBx^W2Vh(7!r_>!%"
    , "oracleDatabasePassword": "~5u4$8HtCE>3mXpV"
    , ...
}

Setting up an encrypted file-based credential store

It is also possible to create an encrypted file-based credential store. In this case, you set the Type to Encrypted in the CredentialStore entry in the Server Settings. It is only possible to add entries in the encrypted credential store using the DataServer command -AddEncryptedPassword.

-dataserver -AddEncryptedPassword <key> <password>

Follow these steps to create an encrypted file-based credential store containing one password, with PasswordIdentifer as an identifier.

Step

Action

1

Go to the Superadmin Settings tab.

2

Add the following entry to the Server settings:

"CredentialStore": {
"Type" : "Encrypted"
}

3

Open a Windows command line prompt and go to the <PLATFORMDIR>\builds folder.

4

Enter the following command:
processgold.bat -dataserver -AddEncryptedPassword PasswordIdentifier s3cr3tp4ssw0rd.

Added password entries cannot be removed.

📘

Note

The -AddEncryptedPassword command will overwrite existing password values without notification.

Updated about a month ago

Set up a Credential Store


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.