Give access to Password Storage for a single app

alucarddjin — Thu, 06 May 2021 15:42:57 GMT

Hi,

I'm trying to build an app that will pull information from a third party tool via it's API function.

The information I'm getting is not event data and is only going to be pulled when called by a user of the app. The API link is going to be authenticated with a service account that Splunk will store the password for.

Here's where I'm getting trouble. when the users call the API, I need to pull the password to initiate the session, but it's obvs going to be encrypted and the users can't get it without the list_stored_passwords role. However If I give the users the list_stored_passwords role they can see ALL stored passwords by using the REST command.

Is there a way to lock the list_stored_passwords role so it only brings back the password a specific app?

If not how else could I store a password that only people who have access to the app could decrypt?

Re: Give access to Password Storage for a single app

gjanders — Fri, 07 May 2021 22:56:05 GMT

No, but you may want to vote for https://ideas.splunk.com/ideas/EID-I-368 or https://ideas.splunk.com/ideas/EID-I-297

topic Re: Give access to Password Storage for a single app in Splunk Dev

Give access to Password Storage for a single app

Re: Give access to Password Storage for a single app