Process Mining
2021.10
false
Process Mining
Last updated May 28, 2024

Set up a Credential store

Introduction

The credential store provides a way to use passwords without exposing these to developers.

The server administrator is responsible for setting up the credential store and filling it with passwords. The server administrator should provide a list of available credentials to developers. These developers can use the identifier of a password.

There are two available ways to store passwords:

  • a json file on disk;
  • in the Azure Key Vault.

    Note: You can only use one of the methods simultaneously.

Prerequisites

An Azure environment should be available for Azure Key Vault.

Setting up a file-based Credential store

The file-based credential store is a json file that resides on disk, called credential_store.json. This file must contain a single object, containing a set of key-value pairs, where:
  • key is the identifier that developers should use,
  • value contains the actual password.
Follow these steps to create a file-based credential store containing one password, with PasswordIdentifer as an identifier.

Step

Action

1

Create a new text file in the <PLATFORMDIR>\databases with the name credential_store.json.

2

Open credential_store.json using a text editor.

3

Enter the following information in the file:

{

"PasswordIdentifier": "s3cr3tp4ssw0rd"

}

4

Save the file.

5

Go to the Superadmin Settings tab.

6

Add the following entry to the Server settings:

"CredentialStore": {

"Type" : "File"

}

The identifier PasswordIdentifier can now be used by developers and, when used, will result in the password s3cr3tp4ssw0rd.
Below is an example of a credential_store.json file for a credential store with multiple passwords.
{
      "passwordIdentifier": "secr3tp4ssw0rd"
    , "ldapServerPassword": "BBx^W2Vh(7!r]@>!%"
    , "oracleDatabasePassword": "~5u4$8HtCE]3mXpV"
    , ...
}{
      "passwordIdentifier": "secr3tp4ssw0rd"
    , "ldapServerPassword": "BBx^W2Vh(7!r]@>!%"
    , "oracleDatabasePassword": "~5u4$8HtCE]3mXpV"
    , ...
}

Setting up an encrypted file-based Credential store

It is also possible to create an encrypted file-based credential store. In this case, you set the Type to Encrypted in the CredentialStore entry in the Server Settings. It is only possible to add entries in the encrypted credential store using the DataServer command -AddEncryptedPassword.
-dataserver -AddEncryptedPassword <key> <password>-dataserver -AddEncryptedPassword <key> <password>
Follow these steps to create an encrypted file-based credential store containing one password, with PasswordIdentifer as an identifier.

Step

Action

1

Go to the Superadmin Settings tab.

2

Add the following entry to the Server settings:

"CredentialStore": {

"Type" : "Encrypted"

}

3

Open a Windows command line prompt and go to the [PLATFORMDIR]\builds folder.

4

Enter the following command:

processgold.bat -dataserver -AddEncryptedPassword PasswordIdentifier s3cr3tp4ssw0rd.

Added password entries cannot be removed.

Note: The -AddEncryptedPassword command will overwrite existing password values without notification.
  • Introduction
  • Prerequisites
  • Setting up a file-based Credential store
  • Setting up an encrypted file-based Credential store

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.