Secrets are sensitive, encrypted information that can be used in other application features. For example, passwords stored as Secrets can be used by webhook actions that require login credentials to fetch data from somewhere else. They can be implemented in a Workflow or Workflow Step Template and thus avoid the problem of having to re-enter the password for each new webhook action.


TABLE OF CONTENTS



Activation of Secrets

Note: Only administrators are able to access Server Administration and therefore can activate the Secrets for the whole organization. 

  1. On the navigation menu click on More.

  2. Click on Server Administration and enable the usage of Secrets.


Add Secrets

By adding Secrets to your profile, sensitive data is stored and encrypted for future usage. Here, the scope of adding Secrets differs for general users (only Personal Secrets) and administrators (Personal and Organization Secrets).


Personal Secrets

Note: General users are only able to add Personal Secrets and access Organization Secrets. The latter are added and approved by the administrators. Personal Secrets can only be accessed by their respective creator at any time. Administrators are not able to access them. 


To add Personal Secrets please follow the steps below:

  1. On the navigation menu click on More.

  2. Click on Secrets. To add a new Secret click on + NEW SECRET.

  3. In the pop-up window: 
    1. Enter a Key for your Secret (unique identifier to reference the Secret for other application features).
    2. Enter a Value (typically an authentication token or password).
    3. Optionally, add a description to the Secret, for example, to specify its purpose.
    4. Click on SUBMIT.

  4. The submitted Secret is displayed under Personal Secrets.


Organization Secrets

Note: Only administrators are able to add Organization Secrets. They can be accessed and used company-wide, but need to be approved by an administrator beforehand.


To add Organization Secrets please follow the steps below:

  1. On the navigation menu click on More.

  2. On the left side, click on Secrets. To add a new Secret click on + NEW SECRET.

  3. A new pop-up window opens. 
    1. Click on the checkbox beside "Allow all organization members access to this secret" to enable Organization Secrets. Otherwise, a Personal Secret will be created.
    2. Enter a Key for your Secret (unique identifier to reference the Secret for other application features).
    3. Enter a Value (typically authentication token or password).
    4. Optionally, add a description to the Secret, for example, to specify its purpose.
    5. Click on SUBMIT.

  4. The submitted Secret is automatically displayed in the overview according to the scope.


Edit Secrets

Note: You are not able to change the scope of a Secret once it is set. For example, it is not possible to change a Personal Secret into an Organization Secret. In order to change the scope and use the same key, the corresponding Secret must first be deleted and a new one created.


To edit a Secret, please follow the steps below:

  1. On the navigation menu click on More.

  2. Click on Secrets. Afterward, click on the vertical ellipsis on the right side of the respective Secret you want to change. A drop-down window appears, click on Edit.

  3. In the new pop-up window:
    1. You are not able to change the unique key. 
    2. Enter a new value. Leave this field empty, if you do not want to edit the current value.
    3. Click in the input field below the header Description to enter a description.
    4. Click on SUBMIT to save the changes.


Delete Secrets

To delete a Secret, please follow the steps below:

  1. On the navigation menu click on More.

  2. Click on Secrets. Afterward, click on the vertical ellipsis on the right side of the respective Secret you want to delete. A drop-down window appears, click on Delete.

  3. Confirm the deletion by clicking on DELETE.



Secrets in Workflow or Workflow Step Templates

Secrets can be used in Workflow or Workflow Step Templates. Before running the Workflow all Secrets need to be set up and approved. Here, the interface for users without admin rights and administrators looks different and will therefore be explained separately. More general information and how to insert Workflow or Workflow Step Templates into Laboperator can be found in this article. 


User without admin rights

After selecting a workflow with included Secrets and starting it you have the following possibilities:

  1. Secrets can have three stages. The hourglass indicates that the Approval is pending. In order for this to be approved, the administrator must be contacted independently.
  2. The green arrow indicates that the Secret has been approved.
  3. The red x indicates that the Approval is rejected.
  4. After all Secrets have been approved, this must be confirmed again by entering your own Laboperator password. Enter it in the input field and click on CONFIRM.
  5. If Personal Secrets are missing you can directly create them in this view by clicking on + NEW SECRET
  6. Now run the Workflow by clicking on START.


Administrators

After selecting a workflow with included Secrets and starting it, you have the following possibilities:

  1. Secrets can have three stages. The hourglass indicates that the Approval is pending. In order to approve these Secrets, please follow the steps in the following section "Approve Organization Secrets".
  2. The checkmark indicates that the Secret has been approved.
  3. The red x indicates that the Approval is rejected.
  4. After all Secrets have been approved, this must be confirmed again by entering your own Laboperator password. Enter it in the input field and click on CONFIRM.
  5. If Personal or Organization Secrets are missing you can directly create them in this view by clicking on + NEW SECRET
  6. Now run the Workflow by clicking on START.



Approve Organization Secrets

To approve Organization Secrets, please follow the steps below:

  1. On the navigation menu click on More.

  2. In the interface:
    1. Click on Secrets in the left side panel.  
    2. You will see multiple templates requesting access to the same Secret appear grouped together in the center of the screen.
    3. At any time you are able to access all rejected Organization Secrets by a drop-down window.
    4. Click on the vertical ellipsis on the right side of the respective Secret that you want to approve. The number in the red circle shows all open Resource Approvals. In the drop-down window click on Approve Resources.
  3. A new window opens.
    1. The drop-down menu provides an overview of the status of all Resource Approvals. There are three stages: Approval pending, Approved, and Approval rejected.
    2. Click on the checkbox at the top to select all open Resource Approvals. 
    3. Or click on the checkbox on the left of the Resource to select only that resource.
    4. Click on APPROVE to allow the usage of the Secret.
    5. Or click on REJECT to prohibit the usage of the Secret.

  4. After clicking on APPROVE a pop-up window opens.
    1. Enter your password on the input field in the pop-up window.
    2. To save your password for future use, click on the key button.
    3. You can click on on the eye to make your password temporarily visible.
    4. Confirm the approval by clicking on APPROVE.



Event log

To access the audit trail of the Secrets, please follow the steps below:

  1. On the navigation menu click on More.

  2. Click on Secrets. Afterward, click on the vertical ellipsis on the right side of the respective Secret. A drop-down menu appears, click on Event log.

  3. A window with the Event log opens.
    1. Click on the vertical ellipsis next to Event to expand or collapse all Changes.
    2. Click on the downward pointing arrow to expand individual Changes.
    3. Click on the vertical ellipsis next to Timestamp to change the format. You can choose between ISO 8601 or Calendar format.
    4. Click on the Buttons under the filter header to either show all events for a Resource or show all subevents of this Event. 
    5. Click on the button next to Show all sub-events to open up all sub-events.
    6. Click on the filter symbol to expand or collapse the bar on the right side.


Filtering the Event log

To access the audit trail of the Secrets, please follow the steps below:

  1. On the navigation menu click on More.

  2. Click on Secrets. Afterward, click on the vertical ellipsis on the right side of the respective Secret. A drop-down menu appears, click on Event log.

  3. A window with the Event log opens. 
    1. Click on the Filter symbol to expand or collapse the bar on the right side.
    2. On the right sight of it click on the filter symbol to open the Filter View.
    3. Click on the filter symbol with the x to remove all filters.
    4. This button indicates the Secret which is searched based on the filters. 
    5. Type users, resources, or reasons which are related to the Secret you want to search for. 
    6. Select via drop-down window the type of users. You can choose between Registered & System, Registered, and System.
    7. Choose the Resource types.
    8. Search the audit trail for a time window by specifying start and end dates here.
    9. Click here to only show entries with a reason.


Exporting the Event log

To access the audit trail of the Secrets, please follow the steps below:

  1. On the navigation menu click on More.

  2. Click on Secrets. Afterward, click on the vertical ellipsis on the right side of the respective Secret. A drop-down menu appears, click on Event log.

  3. A window with the Event log opens. 
    1. On the right side click on the Filter symbol to expand or collapse the bar on the right side.
    2. Click on the Export symbol to open the Export View.
    3. Choose the File Format by tick the respective checkbox. 
    4. Click on CREATE to generate an Export.
  4. Afterward click on DOWNLOAD to transfer the file to your computer.