Replies: 1 comment 2 replies
-
The REST API with Secret Server does not support the redirection required for authenticating with Azure AD. |
Beta Was this translation helpful? Give feedback.
-
|
Well, that's a shame.... I was hoping there might be some way to authenticate directly with Azure AD, and then use that token to access Secret Server, but I guess that would be quite difficult, if not impossible, too. Oh, well. Thanks for letting me know. |
Beta Was this translation helpful? Give feedback.
-
|
You can provide feedback to Thycotic requesting it as a feature. I'm sure other customers already have but the more requests they receive help raise the priority for it being added to the product. |
Beta Was this translation helpful? Give feedback.
-
We are attempting to log into the API (Secret Server Cloud) using an account that is authenticated via Azure AD. I have not tried using this PS module yet. Does it work with Azure AD logins?
Ideally we would be able to sign into the Secret Server Cloud API using an Azure AD account, so that we can utilize the Azure Conditional Access policies, to protect the account. We would very much prefer to not rely upon a third-party PS module, or the Thycotic Client SDK though, as this script will be run on hundreds of servers, and during the initial setup process of those servers.
So, I am just curious, do you know how we can authenticate against Azure AD, when connecting to the API? If that is impossible, I guess the only other option that we have would be to use a local account created directly in the Secret Server instance? That would reduce our security posture, since we would not be able to leverage Azure Conditional Access for the logins, but I guess that we’ll just have to suck it up, if we have no other choice….
Thanks,
-Evan
Beta Was this translation helpful? Give feedback.
All reactions