Splunk Dev

Give access to Password Storage for a single app

alucarddjin
Path Finder

Hi,

I'm trying to build an app that will pull information from a third party tool via it's API function.

The information I'm getting is not event data and is only going to be pulled when called by a user of the app. The API link is going to be authenticated with a service account that Splunk will store the password for.

Here's where I'm getting trouble. when the users call the API, I need to pull the password to initiate the session, but it's obvs going to be encrypted and the users can't get it without the list_stored_passwords role. However If I give the users the list_stored_passwords role they can see ALL stored passwords by using the REST command.

Is there a way to lock the list_stored_passwords role so it only brings back the password a specific app?

If not how else could I store a password that only people who have access to the app could decrypt?

Labels (3)
Tags (2)
0 Karma
Get Updates on the Splunk Community!

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

What are Community Office Hours?Community Office Hours is an interactive 60-minute Zoom series where ...

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

A Prelude to .conf25: Your Guide to Splunk University

Heading to Boston this September for .conf25? Get a jumpstart by arriving a few days early for Splunk ...