Thycotic Secret Server is a privileged account management solution designed for IT admins and IT security professionals to take charge and be in control of all password management-related processes across the organization.
D3 SOAR is providing REST operations to function with Thycotic Secret Server.
For example, you can use Thycotic Secret Server to store all of your secrets, such as passwords, usernames, and other credentials. These credentials can be from many places, such as service accounts, bank accounts, and key pairs.
To connect to Thycotic Secret Server from D3 SOAR, please follow this part to collect the required information below:
Parameter
Description
Example
Server URL
The Server URL of the Thycotic Secret Server instance.
https://***.***.com
User Name
The User Name to authenticate the connection.
apiUser
Password
The Password to authenticate the connection.
YOURPASSWORD
API Version
The version of the API to use for the connection.
v1
Permission Requirements
Each endpoint in the Thycotic Secret Server API requires a certain permission scope. The following are required scopes for the commands in this integration:
Command
Required Permission
Activate Secrets
View Secret, View Deleted Secret, Own Secret
Check In Secret
View Secret
Check Out Secret
View Secret
Create Folder
Administer Folders; Create Root Folders (only for root folders); Personal Folders (only for personal folders)
Deactivate Secrets
View Secret, Delete Secret
Get Restricted Secrets
View Secret
Get Secrets
View Secret
Get Secret States
View Secret
Search Folders
View Folders; Personal Folders (only for personal folders)
Search Secret Policies
View Secret Policy
Search Secrets
View Secret
Search Secrets By Name
View Secret
Search Secret Templates
View Secret Templates
Update Folder
Administer Folders
Update Secret Password
View Secret, Edit Secret
Update Restricted Secret Password
View Secret, Edit Secret
Test Connection
N/A
As Thycotic Secret Server is using role-based access control (RBAC), D3 connectors will be generated based on a specific user account and the application. Therefore, the command permissions are inherited from the user account’s role. Users need to configure their user profile from the Thycotic Secret Server console for each command in this integration.
Reader Note
Thycotic Secret Server’s default built-in roles are as follows:
Configuring Thycotic Secret Server to Work with D3 SOAR
Creating a Custom Role
Login your Thycotic instance with an admin account.
Navigate to Administration > Users, Roles, Access > Roles.
Click Create Role.
Enter the role name, and click Create Role.
Select the Permissions tab and click Add.
Select the desired permissions, check Permission Requirements for the least required permission. Click Add. You can drag and drop as well.
Creating New User and Assigning Roles
Navigate to Administration, then click the arrow beside it. Click Users, Roles, Access, then select User Management. Click Create User.
A window will pop up. Enter the user information, then click Add User.
After the user has been successfully added, navigate to the Roles tab, then click Edit.
Select the role you created for the user, and click Save.
Configuring D3 SOAR to Work with Thycotic Secret Server
Log in to D3 SOAR.
Find the Thycotic Secret Server integration.
Navigate to Configuration on the top header menu.
Click on the Integration icon on the left sidebar.
Type Thycotic Secret Server in the search box to find the integration, then click it to select it.
Click + New Connection, on the right side of the Connections section. A new connection window will appear.
Configure the following fields to create a connection to Thycotic Secret Server.
Connection Name: The desired name for the connection.
Site: Specifies the site to use the integration connection. Use the drop-down menu to select the site. The Share to Internal Sites option enables all sites defined as internal sites to use the connection. Selecting a specific site will only enable that site to use the connection.
Recipient site for events from connections Shared to Internal Sites: This field appears if you selected Share to Internal Sites for Site to let you select the internal site to deploy the integration connection.
Agent Name (Optional): Specifies the proxy agent required to build the connection. Use the dropdown menu to select the proxy agent from a list of previously configured proxy agents.
Description (Optional): Add your desired description for the connection.
Tenant (Optional): When configuring the connection from a master tenant site, you have the option to choose the specific tenant sites you want to share the connection with. Once you enable this setting, you can filter and select the desired tenant sites from the dropdowns to share the connection.
Configure User Permissions: Defines which users have access to the connection.
Active: Check the tick box to ensure the connection is available for use.
System: This section contains the parameters defined specifically for the integration. These parameters must be configured to create the integration connection. 1. Copy the User Name from the Thycotic Secret Server platform. Refer to step 2 of Creating a New User and Assigning Roles. 2. Copy the Password from the Thycotic Secret Server platform. Refer to step 2 of Creating a New User and Assigning Roles. 3. Input the API Version: Ensure to carefully select the API version, as different commands will be available based on whether the connection is established using v1 or v2. Each command name will contain (From v1) or (From v2) in order to specify which API version will be available from the connector list.
Enable Password Vault: An optional feature that allows users to take the stored credentials from their own password vault. Please refer to the password vault connection guide if needed.
Connection Health Check: Updates the connection status you have created. A connection health check is done by scheduling the Test Connection command of this integration. This can only be done when the connection is active. To set up a connection health check, check the Connection Health Check tickbox. You can customize the interval (minutes) for scheduling the health check. An email notification can be set up after a specified number of failed connection attempts.
Test the connection.
Click Test Connection to verify the account credentials and network connection. If the Test Connection Passed alert window appears, the test connection is successful. You will see Passed with a green checkmarkappear beside the Test Connection button. If the test connection fails, please check your connection parameters and try again.
Click OK to close the alert window.
Click +Add to create and add the configured connection.
Commands
Thycotic Secret Server includes the following executable commands for users to set up schedules or create playbook workflows. With the Test Command, you can execute these commands independently for playbook troubleshooting.
Integration API Note
For more information about the Thycotic Secret Server API, please refer to the Thycotic Secret Server API reference: https://{{subdomain}}.secretservercloud.com/app/#/admin/rest-api.
The parameter Secret IDs is required to run this command.
Run the Search Secrets command to obtain Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id.
Only deactivated secrets can be reactivated. Ensure that you set the Status parameter to 'Inactive' when executing the Search Secret command. This step ensures that all retrieved secrets are in an inactive state, making them eligible for reactivation through this command.
This command can only be used with API Version v2.
🔔
Alert
When running the Search Secrets command, ensure that your chosen secret displays $.records[*].checkedOut = false in the returned raw data. If it does, you must check out the secret before proceeding. Run the Check Out Secret command to change the value of $.records[*].checkedOut to true. Otherwise, this will result in an error message: "API_SecretRequiresCheckout".
Input
Input Parameter
Required/Optional
Description
Example
Secret IDs
Required
The IDs of the secrets to activate. Secret IDs can be obtained using the Search Secrets command, with the status set to Inactive.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
SAMPLE DATA
CODE
{
"SecretIDs": "\"[ 4 ]\""
}
Return Data
Indicates one of the possible command execution states: Successful, Partially Successful, or Failed.
The Partially Successful state only occurs when a command’s input accepts an array of items (e.g. an array of IP addresses) and one or more items within the array return an error from the API request.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
SAMPLE DATA
ID
NAME
ENABLEINHERITSECRETPOLICY
SECRETPOLICY
SITE
TEMPLATE
ACTIVE
FIELDS
FOLDER
ISOUTOFSYNC
OUTOFSYNCREASON
LASTHEARTBEATSTATUS
LASTHEARTBEATCHECK
HEARTBEATENABLED
EXPIRATION
LAUNCHERS
ISFAVORITE
AUTOCHANGEPASSWORD
CANGENERATESSHKEY
SLUGPRIVATEKEY
SLUGPUBLICKEY
ISTOTPENABLED
TOTPPASSWORDSLUG
4
***_test***
False
None
1
6027
True
['***.com', '***', None, 'test user2']
None
False
None
Disabled
None
False
None
[]
False
False
False
None
None
False
None
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Activate Secrets failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 400.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: API_SecretRequiresCheckout.
Error Sample Data
Activate Secrets failed.
Status Code: 400.
Message: API_SecretRequiresCheckout.
Check In Secret
Checks in a secret. By doing so, exclusive access to the secret is revoked, allowing other users to check out and view or edit it. Please note, Secret Check Out must be enabled before users can check in a secret. Check Out must be disabled before a DoubleLock can be enabled, users cannot check in a DoubleLock-enabled secret.
Reader Note
Before running this command, please enable the Secret Check Out option. Please see Enabling Secret Check Out for how to enable the option.
Check Out must be disabled before a DoubleLock can be enabled. Users cannot check in a DoubleLock-enabled secret.
This command can only be used with API Version v1.
Secret ID is a required parameterto run this command.
Run the Search Secrets command to obtain the Secret ID. Secret IDs can be found in the returned raw data at the path $.records[*].id.
Only active secrets can be checked in. Run the Search Secrets command with the Status parameter set to Active in order to obtain active secrets to run this command.
Input
Input Parameter
Required/Optional
Description
Example
Secret ID
Required
The ID of the secret to check in. Secret ID can be obtained using the Search Secrets command, with the status set to active.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
Indicates one of the possible command execution states: Successful or Failed.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
SAMPLE DATA
id
5
name
***_***
secretTemplateId
6027
secretTemplateName
Office365 Account
folderId
-1
siteId
1
active
True
checkedOut
False
isRestricted
True
isOutOfSync
False
outOfSyncReason
lastHeartBeatStatus
Pending
lastPasswordChangeAttempt
0001-01-01T00:00:00
responseCodes
None
lastAccessed
None
extendedFields
None
checkOutEnabled
True
autoChangeEnabled
False
doubleLockEnabled
False
requiresApproval
False
requiresComment
False
inheritsPermissions
False
hidePassword
False
createDate
2022-08-25T23:06:56.187
daysUntilExpiration
None
hasLauncher
False
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Check In Secret failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 400.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: API_CheckoutNotEnabled.
Error Sample Data
Check In Secret failed.
Status Code: 400.
Message: API_CheckoutNotEnabled.
Check Out Secret
Checks out a specified secret.
Reader Note
Secret ID is a required parameterto run this command.
Run the Search Secrets command to obtain the Secret ID. Secret IDs can be found in the returned raw data at the path $.records[*].id.
Check Out must be disabled before a Doublelock can be enabled, as a DoubleLock-enabled Secret cannot be checked out.
Only active secrets can be checked out. The Status parameter must be set to Active when running the Search Secret command in order to obtain active secrets to run this command.
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Secret ID
Required
The ID of the secret to check out. Secret ID can be obtained using the Search Secrets command. Check Out must be disabled before a DoubleLock can be enabled. You cannot check out a DoubleLock-enabled secret.
5
Output
Raw Data
The primary response data from the API request.
SAMPLE DATA
JSON
{
"responseCodes": []
}
Return Data
Indicates one of the possible command execution states: Successful or Failed.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
SAMPLE DATA
responseCodes
[]
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Check Out Secret failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 400.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied.
Error Sample Data
Check Out Secret failed.
Status Code: 400.
Message: Access Denied.
Create Folder
Creates a new secret folder.
Reader Note
Parent Folder ID is a required parameterto run this command.
Run the Search Folders command to obtain the Parent Folder ID. Folder IDs can be found in the returned raw data at the path $.records[*].id.
Secret Policy ID is an optional parameter to run this command.
Run the Search Secret Policy command to obtain the Secret Policy ID. Secret Policy IDs can be found in the returned raw data at the path $.records[*].secretPolicyId.
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Folder Name
Required
The name of the folder to be created.
***subfolder
Parent Folder ID
Required
The ID of this folder's parent folder. Folder IDs can be obtained using the Search Folders command. Inputting a value of -1 for this command will create a root folder.
5
Inherit Permissions
Required
Determines whether the folder should inherit permissions from its parent folder. The default value is True. Note: If creating a root folder (by inputting -1 for the parent folder ID), this parameter must be set to False.
False
Inherit Secret Policy
Required
Determines whether the folder should inherit the Secret Policy from its parent folder. Note: If creating a root folder (by inputting -1 for the parent folder ID), this parameter must be set to False.
False
Secret Policy ID
Optional
The ID of the Secret Policy that sets security and other settings on secrets contained within the folder. Secret Policy ID can be obtained using the Search Secret Policy command.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
Indicates one of the possible command execution states: Successful or Failed.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
SAMPLE DATA
id
6
folderName
***subfolder
folderPath
\***\***subfolder
parentFolderId
5
folderTypeId
1
secretPolicyId
-1
inheritSecretPolicy
True
inheritPermissions
True
childFolders
None
secretTemplates
None
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Create Folder failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 500.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: User does not have the Administer Folder permission.
Error Sample Data
Create Folder failed.
Status Code: 500.
Message: User does not have the Administer Folder permission.
Deactivate Secrets
Deactivates specified secrets. A deactivated secret is hidden from users who do not have a role containing the View Deleted Secrets permission. Secret Server uses these "soft deletes" to maintain the audit history for all data.
Reader Note
The parameter Secret IDs is required to run this command.
Run the Search Secrets command to obtain Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id.
Only active secrets can be deactivated. The Status parameter must be set to Active when running the Search Secret command in order to obtain active secrets to run this command.
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Secret IDs
Required
The ID(s) of the secret(s) to deactivate. Secret IDs can be obtained using the Search Secrets command, with the Status set to Active.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
SAMPLE DATA
CODE
{
"SecretIDs": "\"[ 4 ]\""
}
Return Data
Indicates one of the possible command execution states: Successful, Partially Successful, or Failed.
The Partially Successful state only occurs when a command’s input accepts an array of items (e.g. an array of IP addresses) and one or more items within the array return an error from the API request.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
SAMPLE DATA
ID
OBJECTTYPE
RESPONSECODES
4
Secret
[]
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Deactivate Secrets failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 400.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied.
Error Sample Data
Deactivate Secrets failed.
Status Code: 400.
Message: Access Denied.
Get Restricted Secrets
Retrieves details of the specified restricted secret(s), including domain, user name and password.
Reader Note
The parameter Secret IDs is required to run this command.
Run the Search Secrets command to obtain Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id. If details of the specified secret cannot be retrieved, the secret may require restricted actions to be performed. In this case, you can use the ID of the secret to run the Get Secret States command restricted actions to be performed.
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Secret IDs
Required
The ID(s) of the restricted secret(s) to retrieve the details of. Secret IDs can be obtained using the Search Secrets command. If the details of the specified secret cannot be retrieved, please run the Get Secret States command to check if the secret needs restricted actions to be performed.
[ 13 ]
Comment
Optional
The comment to add for the action of retrieving the restricted secret. If the secret requires a comment or approval to view, a reason for accessing the secret must be provided.
Test Comment
DoubleLock Password
Optional
The DoubleLock password of a secret that is DoubleLocked.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
Indicates one of the possible command execution states: Successful, Partially Successful, or Failed.
The Partially Successful state only occurs when a command’s input accepts an array of items (e.g. an array of IP addresses) and one or more items within the array return an error from the API request.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Get Restricted Secrets failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 400.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied.
Error Sample Data
Get Restricted Secrets failed.
Status Code: 400.
Message: Access Denied.
Get Secrets
Retrieves details of the specified secret(s), including domain, user name and password. If the secret is a restricted secret (requires a comment or is DoubleLock enabled), please use the Get Restricted Secrets command.
Reader Note
The parameter Secret IDs is required to run this command.
Run the Search Secrets command to obtain Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id. If details of the specified secret cannot be retrieved, the secret may require restricted actions to be performed. In this case, you can run the Get Secret States command to check if the secret needs restricted actions to be performed.
This command can only be used with API Version v2.
Input
Input Parameter
Required/Optional
Description
Example
Secret IDs
Required
The ID(s) of the secret(s) to retrieve the details of. Secret IDs can be obtained using the Search Secrets command. If the details of the specified secret cannot be retrieved, please run the Get Secret States command to check if the secret needs restricted actions to be performed.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
Indicates one of the possible command execution states: Successful, Partially Successful, or Failed.
The Partially Successful state only occurs when a command’s input accepts an array of items (e.g. an array of IP addresses) and one or more items within the array return an error from the API request.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Get Secrets failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 400.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied.
Error Sample Data
Get Secrets failed.
Status Code: 400.
Message: Access Denied.
Get Secret States
Retrieves the state of the specified Secret(s), such as whether they require approval, doublelock, checkout, or other restricted actions to be performed before running the Get Secrets command.
Reader Note
The parameter Secret IDs is required to run this command.
Run the Search Secrets command to obtain Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Secret IDs
Required
The ID(s) of the secret(s) to check the state of. Secret IDs can be obtained using the Search Secrets command.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
Indicates one of the possible command execution states: Successful, Partially Successful, or Failed.
The Partially Successful state only occurs when a command’s input accepts an array of items (e.g. an array of IP addresses) and one or more items within the array return an error from the API request.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
SAMPLE DATA
ID
SECRETNAME
FOLDERID
FOLDERNAME
SECRETSTATE
ISCHECKEDOUT
CHECKEDOUTUSERID
CHECKOUTMINUTESREMAINING
CHECKEDOUTUSERDISPLAYNAME
ISCHECKEDOUTBYCURRENTUSER
CHECKOUTINTERVALMINUTES
ROLE
ACTIONS
AVAILABLEACTIONS
PASSWORDCHANGEPENDING
ISACTIVE
APPROVALEND
WARNINGMINUTESREMAINING
REMAININGTIMEWARNINGMINUTEMARKER
4
offic****
-1
RequiresUndelete
None
None
None
None
None
None
None
None
None
None
None
None
None
None
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Get Secret States failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 400.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied.
Error Sample Data
Get Secret States failed.
Status Code: 400.
Message: Access Denied.
Search Folders
Retrieves folder information by folder name.
Reader Note
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Folder Name
Optional
The full or partial name of the folder to retrieve. If this parameter is not defined, all folders will be returned.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Search Folders failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 403.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied.
Error Sample Data
Search Folders failed.
Status Code: 403.
Message: Access Denied.
Search Secret Policies
Retrieves secret policies by secret policy name.
Reader Note
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Secret Policy Name
Optional
The full or partial name of the secret policy to retrieve. If this parameter is not defined, all secret policies will be returned.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Search Secret Policies failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 403.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied.
Error Sample Data
Search Secret Policies failed.
Status Code: 403.
Message: Access Denied.
Search Secrets
Retrieves secret information by secret template or status. The results include restricted secrets.
Reader Note
The parameter Secret Template IDs is optional to run this command.
Run the Search Secret Templates command to obtain Secret Template IDs. Secret Template IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API Version v2.
Input
Input Parameter
Required/Optional
Description
Example
Secret Template IDs
Optional
The ID of the secret template on which the secrets are generated. If this parameter is not defined, secrets of all secret templates will be returned. Secret Template IDs can be obtained using the Search Secret Templates command.
[ 6***8 ]
Status
Optional
The status of the secrets. If this parameter is not defined, both active and inactive secrets will be returned.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
SAMPLE DATA
CODE
{
"SecretIDs": "\"[ 10 ]\"",
"SecretNames": "\"[ \\\"GCP service account\\\" ]\"",
"SecretTemplateNames": "\"[ \\\"Google IAM Service Account Key\\\" ]\"",
"SecretTemplateIDs": "\"[ 6***8 ]\"",
"Active": "\"[ true ]\""
}
Return Data
Indicates one of the possible command execution states: Successful or Failed.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Search Secrets failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 403.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: You must have a valid Support account to call this API.
Error Sample Data
Search Secrets failed.
Status Code: 403.
Message: You must have a valid Support account to call this API.
Search Secrets By Name
Retrieves secret information by secret name. The results include restricted secrets and inactive secrets.
Reader Note
This command can only be used with API Version v2.
Input
Input Parameter
Required/Optional
Description
Example
Secret Name
Optional
The name of the secret to retrieve information. If this parameter is not defined, all secrets will be returned. Returned secrets are sorted by secret name in ascending order.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Search Secrets By Name failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 403.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied.
Error Sample Data
Search Secrets By Name failed.
Status Code: 403.
Message: Access Denied.
Search Secret Templates
Retrieves information about secret templates by secret template name.
Reader Note
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Secret Template Name
Optional
The full or partial name of the secret template to retrieve. If this parameter is not defined, all secret templates will be returned.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
SAMPLE DATA
CODE
{
"SecretTemplateIDs": "\"[ 6*** ]\"",
"SecretTemplateNames": "\"[ \\\"Google IAM Service Account Key\\\" ]\"",
"Active": "\"[ true ]\""
}
Return Data
Indicates one of the possible command execution states: Successful or Failed.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
{'id': 6***, 'name': 'Google IAM Service Account Key', 'secretCount': None, 'active': True, 'passwordTypeId': 50}
sortBy
[]
success
True
severity
None
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Search Secret Templates failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 403.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied.
Error Sample Data
Search Secret Templates failed.
Status Code: 403.
Message: Access Denied.
Update Folder
Updates a single secret folder by folder ID.
Reader Note
Folder ID is a required parameterto run this command.
Run the Search Folders command to obtain Folder ID. Folder IDs can be found in the returned raw data at the path $.records[*].id.
Parent Folder ID and Secret Policy ID are optional parametersto run this command.
Run the Search Folders command to obtain the Parent Folder ID. Folder IDs can be found in the returned raw data at the path $.records[*].id.
Run the Search Secret Policy command to obtain the Secret Policy ID. Secret Policy IDs can be found in the returned raw data at the path $.records[*].secretPolicyId.
This command can only be used with API Version v1.
🔔
Alert
Secret policies and permission settings cannot be modified on personal folders.
Input
Input Parameter
Required/Optional
Description
Example
Folder ID
Required
The ID of the folder to be updated. Folder ID can be obtained using the Search Folders command.
11
Folder Name
Optional
The new name of the folder to be updated.
d3lab***
Parent Folder ID
Optional
The id of this folder's new parent folder. Folder ID can be obtained using the Search Folders command. If the folder is to be updated to be a root folder, enter -1 as Parent Folder ID.
-1
Inherit Permissions
Required
Determines whether the folder should inherit permissions from its parent folder. Note: If updating to a root folder (by inputting -1 for the parent folder ID), this parameter must be set to False.
False
Inherit Secret Policy
Required
Determines whether the folder should inherit the Secret Policy from its parent folder. Note: If updating to a root folder (by inputting -1 for the parent folder ID), this parameter must be set to False.
False
Secret Policy ID
Optional
The ID of the Secret Policy that sets security and other settings on secrets contained within the folder. Secret Policy ID can be obtained using the Search Secret Policy command.
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
Indicates one of the possible command execution states: Successful or Failed.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
SAMPLE DATA
id
11
folderName
d3lab***
folderPath
\d3lab***
parentFolderId
-1
folderTypeId
1
secretPolicyId
1
inheritSecretPolicy
False
inheritPermissions
False
childFolders
None
secretTemplates
None
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Update Folder failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 400.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Cannot modify secret policy or permission settings on personal folders.
Error Sample Data
Update Folder failed.
Status Code: 400.
Message: Cannot modify secret policy or permission settings on personal folders.
Update Restricted Secret Password
Updates the password of a specified restricted secret on a local Secret Server.
Reader Note
The parameter Secret IDs is required to run this command.
Run the Search Secrets command to obtain Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Secret ID
Required
The ID of the secret that requires a change of password. Secret ID can be obtained using the Search Secrets command.
11
Comment
Optional
The comment to add for the action of retrieving the restricted secret. If the secret requires a comment or approval to view, a reason for accessing the secret must be provided.
Test Comment
DoubleLock Password
Optional
The DoubleLock password of a secret that is DoubleLocked.
DOUBLELOCKPASSWORD
New Password
Required
The new password for the restricted secret.
NEWPassw0rd!@#
Output
Raw Data
The primary response data from the API request.
SAMPLE DATA
JSON
{
"id": 17,
"name": {
"fieldInputType": null,
"sortOrder": null,
"value": "QATest",
"label": "Secret Name",
"name": null,
"description": "Secret Name",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": false,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"enableInheritSecretPolicy": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Enable Inherit Secret Policy",
"name": null,
"description": "This Secret will inherit or have the same Secret Policy settings as the parent folder.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": "Secret is DoubleLocked",
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"secretPolicy": {
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Secret Policy",
"name": "< No Policy >",
"description": "This policy will be applied to all new Secrets which are added to this folder and any existing Secrets that inherit the Policy",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": "Secret is DoubleLocked",
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"site": {
"fieldInputType": null,
"sortOrder": null,
"value": 1,
"label": "Site",
"name": "Default",
"description": "The container in which heartbeat, RPC, and other Secret activities occur.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"template": {
"fieldInputType": null,
"sortOrder": null,
"value": 6001,
"label": "Secret Template",
"name": "Active Directory Account",
"description": "Describes the type of Secret such as which fields, launchers, and password requirements.",
"readOnly": true,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"active": {
"fieldInputType": null,
"sortOrder": null,
"value": true,
"label": "Active",
"name": null,
"description": "Whether or not the Secret is Active",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"fields": [
{
"slug": "domain",
"type": "Text",
"dropDownOptions": null,
"passwordRequirementId": null,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": "D3security",
"label": "Domain",
"name": "Domain",
"description": "The Server or Location of the Active Directory Domain.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
{
"slug": "username",
"type": "Text",
"dropDownOptions": null,
"passwordRequirementId": null,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": "QA",
"label": "Username",
"name": "Username",
"description": "The Domain Username.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
{
"slug": "password",
"type": "Password",
"dropDownOptions": null,
"passwordRequirementId": 1,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Password",
"name": "Password",
"description": "The password of the Domain User.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
{
"slug": "notes",
"type": "Notes",
"dropDownOptions": null,
"passwordRequirementId": null,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": "",
"label": "Notes",
"name": "Notes",
"description": "Any additional notes.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": false,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
}
],
"folder": {
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Folder",
"name": "",
"description": "The folder in which a Secret resides.",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"isOutOfSync": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Out of Sync",
"name": null,
"description": "Out of sync indicates that a Password is setup for autochange and has failed its last password change attempt or has exceeded the maximum RPC attempts.",
"readOnly": true,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"outOfSyncReason": null,
"lastHeartBeatStatus": {
"fieldInputType": null,
"sortOrder": null,
"value": "Disabled",
"label": "Last Heartbeat Status",
"name": "Disabled",
"description": "Last Heartbeat status received for this Secret.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"lastHeartBeatCheck": {
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Last Heart Beat Check",
"name": null,
"description": "When the last heartbeat status was received.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"heartbeatEnabled": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Heartbeat Enabled",
"name": "Heartbeat Enabled",
"description": "Whether or not heartbeat is enabled for this Secret.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"expiration": {
"fieldInputType": null,
"sortOrder": null,
"value": "Expires in 29 days. (Expires every 30 day(s))",
"label": "Expiration",
"name": null,
"description": "Secret Expiration applies to one field of a Secret Template (most commonly the password field) and may trigger a password change for that Secret if Auto-Change is configured for Remote Password Changing.",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"launchers": [
{
"name": "RDP Launcher",
"typeId": 1,
"imagePath": "https://d3sec.secretservercloud.com/themes/GlobalImages/rdp.png",
"isRecorded": false,
"hasProxyCredentials": true
}
],
"isFavorite": false,
"autoChangePassword": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Auto Change Enabled",
"name": "Auto Change Enabled",
"description": "When enabled this Secret will be set to expire on a schedule and change the password. After creation view the RPC tab for details.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"canGenerateSshKey": false,
"slugPrivateKey": null,
"slugPublicKey": null,
"isTotpEnabled": false,
"totpPasswordSlug": null
}
Key Fields
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
{'fieldInputType': None, 'sortOrder': None, 'value': False, 'label': 'Enable Inherit Secret Policy', 'name': None, 'description': 'This Secret will inherit or have the same Secret Policy settings as the parent folder.', 'readOnly': True, 'placeholder': None, 'hidden': True, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': 'Secret is DoubleLocked', 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
secretPolicy
{'fieldInputType': None, 'sortOrder': None, 'value': None, 'label': 'Secret Policy', 'name': '< No Policy >', 'description': 'This policy will be applied to all new Secrets which are added to this folder and any existing Secrets that inherit the Policy', 'readOnly': True, 'placeholder': None, 'hidden': True, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': 'Secret is DoubleLocked', 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
site
{'fieldInputType': None, 'sortOrder': None, 'value': 1, 'label': 'Site', 'name': 'Default', 'description': 'The container in which heartbeat, RPC, and other Secret activities occur.', 'readOnly': False, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
template
{'fieldInputType': None, 'sortOrder': None, 'value': 6001, 'label': 'Secret Template', 'name': 'Active Directory Account', 'description': 'Describes the type of Secret such as which fields, launchers, and password requirements.', 'readOnly': True, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
active
{'fieldInputType': None, 'sortOrder': None, 'value': True, 'label': 'Active', 'name': None, 'description': 'Whether or not the Secret is Active', 'readOnly': None, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
fields
{'slug': 'domain', 'type': 'Text', 'dropDownOptions': None, 'passwordRequirementId': None, 'listType': 0, 'fieldInputType': None, 'sortOrder': None, 'value': 'D3security', 'label': 'Domain', 'name': 'Domain', 'description': 'The Server or Location of the Active Directory Domain.', 'readOnly': False, 'placeholder': None, 'hidden': False, 'hideOnView': False, 'hasHistory': True, 'isRequired': True, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
{'fieldInputType': None, 'sortOrder': None, 'value': None, 'label': 'Folder', 'name': '', 'description': 'The folder in which a Secret resides.', 'readOnly': None, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
isOutOfSync
{'fieldInputType': None, 'sortOrder': None, 'value': False, 'label': 'Out of Sync', 'name': None, 'description': 'Out of sync indicates that a Password is setup for autochange and has failed its last password change attempt or has exceeded the maximum RPC attempts.', 'readOnly': True, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
{'fieldInputType': None, 'sortOrder': None, 'value': False, 'label': 'Heartbeat Enabled', 'name': 'Heartbeat Enabled', 'description': 'Whether or not heartbeat is enabled for this Secret.', 'readOnly': True, 'placeholder': None, 'hidden': True, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
expiration
{'fieldInputType': None, 'sortOrder': None, 'value': 'Expires in 29 days. (Expires every 30 day(s))', 'label': 'Expiration', 'name': None, 'description': 'Secret Expiration applies to one field of a Secret Template (most commonly the password field) and may trigger a password change for that Secret if Auto-Change is configured for Remote Password Changing.', 'readOnly': None, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
{'fieldInputType': None, 'sortOrder': None, 'value': False, 'label': 'Auto Change Enabled', 'name': 'Auto Change Enabled', 'description': 'When enabled this Secret will be set to expire on a schedule and change the password. After creation view the RPC tab for details.', 'readOnly': True, 'placeholder': None, 'hidden': True, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
canGenerateSshKey
False
slugPrivateKey
None
slugPublicKey
None
isTotpEnabled
False
totpPasswordSlug
None
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Update Restricted Secret Password failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 403
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Access Denied
Error Sample Data
Update Secret Password failed.
Status Code: 403
Message: Access Denied
Update Secret Password
Updates the password of a specified secret on the local Secret Server. If the secret is a restricted secret, please use the Update Restricted Secret Password command.
Reader Note
The parameter Secret IDs is required to run this command.
Run the Search Secrets command to obtain Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API Version v1.
Input
Input Parameter
Required/Optional
Description
Example
Secret ID
Required
The ID of the secret to update the password for. Secret ID can be obtained using the Search Secrets command.
11
New Password
Required
The new password for the secret.
NEWPassw0rd!@#
Output
Raw Data
The primary response data from the API request.
SAMPLE DATA
JSON
{
"id": 11,
"name": {
"fieldInputType": null,
"sortOrder": null,
"value": "***",
"label": "Secret Name",
"name": null,
"description": "Secret Name",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": false,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"enableInheritSecretPolicy": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Enable Inherit Secret Policy",
"name": null,
"description": "This Secret will inherit or have the same Secret Policy settings as the parent folder.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"secretPolicy": {
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Secret Policy",
"name": "< No Policy >",
"description": "This policy will be applied to all new Secrets which are added to this folder and any existing Secrets that inherit the Policy",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"site": {
"fieldInputType": null,
"sortOrder": null,
"value": 1,
"label": "Site",
"name": "Default",
"description": "The container in which heartbeat, RPC, and other Secret activities occur.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"template": {
"fieldInputType": null,
"sortOrder": null,
"value": 6003,
"label": "Secret Template",
"name": "Windows Account",
"description": "Describes the type of Secret such as which fields, launchers, and password requirements.",
"readOnly": true,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"active": {
"fieldInputType": null,
"sortOrder": null,
"value": true,
"label": "Active",
"name": null,
"description": "Whether or not the Secret is Active",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"fields": [
{
"slug": "machine",
"type": "Text",
"dropDownOptions": null,
"passwordRequirementId": null,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": "jyao",
"label": "Machine",
"name": "Machine",
"description": "The Server or Location of the Windows Machine.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
{
"slug": "username",
"type": "Text",
"dropDownOptions": null,
"passwordRequirementId": null,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": "sysint",
"label": "Username",
"name": "Username",
"description": "The Username of the Windows User.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
{
"slug": "password",
"type": "Password",
"dropDownOptions": null,
"passwordRequirementId": 1,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Password",
"name": "Password",
"description": "The password of the Windows User.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
{
"slug": "notes",
"type": "Notes",
"dropDownOptions": null,
"passwordRequirementId": null,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": "",
"label": "Notes",
"name": "Notes",
"description": "Any additional notes.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": false,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
}
],
"folder": {
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Folder",
"name": "",
"description": "The folder in which a Secret resides.",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"isOutOfSync": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Out of Sync",
"name": null,
"description": "Out of sync indicates that a Password is setup for autochange and has failed its last password change attempt or has exceeded the maximum RPC attempts.",
"readOnly": true,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"outOfSyncReason": null,
"lastHeartBeatStatus": {
"fieldInputType": null,
"sortOrder": null,
"value": "Disabled",
"label": "Last Heartbeat Status",
"name": "Pending",
"description": "Last Heartbeat status received for this Secret.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"lastHeartBeatCheck": {
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Last Heart Beat Check",
"name": null,
"description": "When the last heartbeat status was received.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"heartbeatEnabled": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Heartbeat Enabled",
"name": "Heartbeat Enabled",
"description": "Whether or not heartbeat is enabled for this Secret.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"expiration": {
"fieldInputType": null,
"sortOrder": null,
"value": "Expires in 29 days. (Expires every 30 day(s))",
"label": "Expiration",
"name": null,
"description": "Secret Expiration applies to one field of a Secret Template (most commonly the password field) and may trigger a password change for that Secret if Auto-Change is configured for Remote Password Changing.",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"launchers": [
{
"name": "RDP Launcher",
"typeId": 1,
"imagePath": "https://d3sec.secretservercloud.com/themes/GlobalImages/rdp.png",
"isRecorded": false,
"hasProxyCredentials": true
}
],
"isFavorite": false,
"autoChangePassword": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Auto Change Enabled",
"name": "Auto Change Enabled",
"description": "When enabled this Secret will be set to expire on a schedule and change the password. After creation view the RPC tab for details.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"canGenerateSshKey": false,
"slugPrivateKey": null,
"slugPublicKey": null,
"isTotpEnabled": false,
"totpPasswordSlug": null
}
Key Fields
Common cyber security indicators such as unique IDs, file hash values, CVE numbers, IP addresses, etc., will be extracted from Raw Data as Key Fields. The system stores these key fields in the path $.[playbookTask].outputData. You can use these key-value pairs as data points for playbook task inputs.
SAMPLE DATA
CODE
{
"id": 11,
"name": {
"fieldInputType": null,
"sortOrder": null,
"value": "***",
"label": "Secret Name",
"name": null,
"description": "Secret Name",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": false,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"enableInheritSecretPolicy": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Enable Inherit Secret Policy",
"name": null,
"description": "This Secret will inherit or have the same Secret Policy settings as the parent folder.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"secretPolicy": {
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Secret Policy",
"name": "< No Policy >",
"description": "This policy will be applied to all new Secrets which are added to this folder and any existing Secrets that inherit the Policy",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"site": {
"fieldInputType": null,
"sortOrder": null,
"value": 1,
"label": "Site",
"name": "Default",
"description": "The container in which heartbeat, RPC, and other Secret activities occur.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"template": {
"fieldInputType": null,
"sortOrder": null,
"value": 6003,
"label": "Secret Template",
"name": "Windows Account",
"description": "Describes the type of Secret such as which fields, launchers, and password requirements.",
"readOnly": true,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"active": {
"fieldInputType": null,
"sortOrder": null,
"value": true,
"label": "Active",
"name": null,
"description": "Whether or not the Secret is Active",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"fields": [
{
"slug": "machine",
"type": "Text",
"dropDownOptions": null,
"passwordRequirementId": null,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": "jyao",
"label": "Machine",
"name": "Machine",
"description": "The Server or Location of the Windows Machine.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
{
"slug": "username",
"type": "Text",
"dropDownOptions": null,
"passwordRequirementId": null,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": "sysint",
"label": "Username",
"name": "Username",
"description": "The Username of the Windows User.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
{
"slug": "password",
"type": "Password",
"dropDownOptions": null,
"passwordRequirementId": 1,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Password",
"name": "Password",
"description": "The password of the Windows User.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": true,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
{
"slug": "notes",
"type": "Notes",
"dropDownOptions": null,
"passwordRequirementId": null,
"listType": 0,
"fieldInputType": null,
"sortOrder": null,
"value": "",
"label": "Notes",
"name": "Notes",
"description": "Any additional notes.",
"readOnly": false,
"placeholder": null,
"hidden": false,
"hideOnView": false,
"hasHistory": true,
"isRequired": false,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
}
],
"folder": {
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Folder",
"name": "",
"description": "The folder in which a Secret resides.",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"isOutOfSync": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Out of Sync",
"name": null,
"description": "Out of sync indicates that a Password is setup for autochange and has failed its last password change attempt or has exceeded the maximum RPC attempts.",
"readOnly": true,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"outOfSyncReason": null,
"lastHeartBeatStatus": {
"fieldInputType": null,
"sortOrder": null,
"value": "Disabled",
"label": "Last Heartbeat Status",
"name": "Pending",
"description": "Last Heartbeat status received for this Secret.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"lastHeartBeatCheck": {
"fieldInputType": null,
"sortOrder": null,
"value": null,
"label": "Last Heart Beat Check",
"name": null,
"description": "When the last heartbeat status was received.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"heartbeatEnabled": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Heartbeat Enabled",
"name": "Heartbeat Enabled",
"description": "Whether or not heartbeat is enabled for this Secret.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"expiration": {
"fieldInputType": null,
"sortOrder": null,
"value": "Expires in 29 days. (Expires every 30 day(s))",
"label": "Expiration",
"name": null,
"description": "Secret Expiration applies to one field of a Secret Template (most commonly the password field) and may trigger a password change for that Secret if Auto-Change is configured for Remote Password Changing.",
"readOnly": null,
"placeholder": null,
"hidden": false,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"launchers": [
{
"name": "RDP Launcher",
"typeId": 1,
"imagePath": "https://d3sec.secretservercloud.com/themes/GlobalImages/rdp.png",
"isRecorded": false,
"hasProxyCredentials": true
}
],
"isFavorite": false,
"autoChangePassword": {
"fieldInputType": null,
"sortOrder": null,
"value": false,
"label": "Auto Change Enabled",
"name": "Auto Change Enabled",
"description": "When enabled this Secret will be set to expire on a schedule and change the password. After creation view the RPC tab for details.",
"readOnly": true,
"placeholder": null,
"hidden": true,
"hideOnView": null,
"hasHistory": null,
"isRequired": null,
"readOnlyReason": null,
"helpLink": null,
"helpLinkText": null,
"maxLength": null,
"additionalLinks": null
},
"canGenerateSshKey": false,
"slugPrivateKey": null,
"slugPublicKey": null,
"isTotpEnabled": false,
"totpPasswordSlug": null
}
Return Data
Indicates one of the possible command execution states: Successful or Failed.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
Return Data can be passed down directly to a subsequent command or used to create conditional tasks in playbooks.
SAMPLE DATA
CODE
Successful
Result
Provides a brief summary of outputs in an HTML formatted table.
{'fieldInputType': None, 'sortOrder': None, 'value': False, 'label': 'Enable Inherit Secret Policy', 'name': None, 'description': 'This Secret will inherit or have the same Secret Policy settings as the parent folder.', 'readOnly': False, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
secretPolicy
{'fieldInputType': None, 'sortOrder': None, 'value': None, 'label': 'Secret Policy', 'name': '< No Policy >', 'description': 'This policy will be applied to all new Secrets which are added to this folder and any existing Secrets that inherit the Policy', 'readOnly': False, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
site
{'fieldInputType': None, 'sortOrder': None, 'value': 1, 'label': 'Site', 'name': 'Default', 'description': 'The container in which heartbeat, RPC, and other Secret activities occur.', 'readOnly': False, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
template
{'fieldInputType': None, 'sortOrder': None, 'value': ***, 'label': 'Secret Template', 'name': 'Windows Account', 'description': 'Describes the type of Secret such as which fields, launchers, and password requirements.', 'readOnly': True, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
active
{'fieldInputType': None, 'sortOrder': None, 'value': True, 'label': 'Active', 'name': None, 'description': 'Whether or not the Secret is Active', 'readOnly': None, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
fields
{'slug': 'machine', 'type': 'Text', 'dropDownOptions': None, 'passwordRequirementId': None, 'listType': 0, 'fieldInputType': None, 'sortOrder': None, 'value': 'jyao', 'label': 'Machine', 'name': 'Machine', 'description': 'The Server or Location of the Windows Machine.', 'readOnly': False, 'placeholder': None, 'hidden': False, 'hideOnView': False, 'hasHistory': True, 'isRequired': True, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
{'fieldInputType': None, 'sortOrder': None, 'value': None, 'label': 'Folder', 'name': '', 'description': 'The folder in which a Secret resides.', 'readOnly': None, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
isOutOfSync
{'fieldInputType': None, 'sortOrder': None, 'value': False, 'label': 'Out of Sync', 'name': None, 'description': 'Out of sync indicates that a Password is setup for autochange and has failed its last password change attempt or has exceeded the maximum RPC attempts.', 'readOnly': True, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
{'fieldInputType': None, 'sortOrder': None, 'value': False, 'label': 'Heartbeat Enabled', 'name': 'Heartbeat Enabled', 'description': 'Whether or not heartbeat is enabled for this Secret.', 'readOnly': True, 'placeholder': None, 'hidden': True, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
expiration
{'fieldInputType': None, 'sortOrder': None, 'value': 'Expires in 29 days. (Expires every 30 day(s))', 'label': 'Expiration', 'name': None, 'description': 'Secret Expiration applies to one field of a Secret Template (most commonly the password field) and may trigger a password change for that Secret if Auto-Change is configured for Remote Password Changing.', 'readOnly': None, 'placeholder': None, 'hidden': False, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
{'fieldInputType': None, 'sortOrder': None, 'value': False, 'label': 'Auto Change Enabled', 'name': 'Auto Change Enabled', 'description': 'When enabled this Secret will be set to expire on a schedule and change the password. After creation view the RPC tab for details.', 'readOnly': True, 'placeholder': None, 'hidden': True, 'hideOnView': None, 'hasHistory': None, 'isRequired': None, 'readOnlyReason': None, 'helpLink': None, 'helpLinkText': None, 'maxLength': None, 'additionalLinks': None}
canGenerateSshKey
False
slugPrivateKey
None
slugPublicKey
None
isTotpEnabled
False
totpPasswordSlug
None
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The errortab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Update Secret Password failed.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 500.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: The requested Secret is DoubleLocked.
Error Sample Data
Update Secret Password failed.
Status Code: 500.
Message: The requested Secret is DoubleLocked.
Test Connection
Allows you to perform a health check on an integration connection. You can schedule a periodic health check by selecting Connection Health Check when editing an integration connection.
Input
N/A
Output
Return Data
Indicates one of the possible command execution states: Successful or Failed.
The Failed state can be triggered by any of the following errors:
A connection issue with the integration
The API returned an error message
No response from the API
You can view more details about an error in the Error tab.
SAMPLE DATA
CODE
Successful
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error
Description
Example
Failure Indicator
Indicates the command failure that happened at a specific input and/or API call.
Test Connection failed. Failed to check the connector.
Status Code
The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Thycotic Secret Server portal. Refer to the HTTP Status Code Registry for details.
Status Code: 500.
Message
The raw data or captured key error message from the integration API server about the API request failure.
Message: Exceptions must derive from BaseException.
Error Sample Data
Test Connection failed. Failed to check the connector.
Status Code: 500.
Message: Exceptions must derive from BaseException.
FAQ
Enabling Secret Check Out
Log in to your Thycotic Secret Server Console.
Navigate to Secrets, click the arrow beside it. Click All Secrets, and click the secret you want to edit.
Click the Security tab. And click the Edit button beside Check Out.
Check the Require Check Out option, and click Save.
JavaScript errors detected
Please note, these errors can depend on your browser setup.
If this problem persists, please contact our support.