Delinea Secret Server
LAST UPDATED: AUG 15, 2025
Overview
Delinea Secret Server, formerly known as Thycotic Secret Server, is a privileged account management solution designed for IT admins and IT security professionals to take charge and be in control of all password management-related processes across the organization.
D3 SOAR is providing REST operations to function with Delinea Secret Server.
Delinea Secret Server is available for use in:
Connection
To connect to Delinea Secret Server from D3 SOAR, follow this part to collect the required information below:
Parameter | Description | Example |
Server URL | The Server URL of the Delinea Secret Server instance. | https://*****.*****.com |
User Name | The User Name to authenticate the connection. | apiUser |
Password | The Password to authenticate the connection. | ***** |
API Version | The version of the API to use for the connection. | v1 |
Permission Requirements
Each endpoint in the Delinea Secret Server API requires a certain permission scope. The following are required scopes for the commands in this integration:
Command | Required Permission |
Activate Secrets |
|
Check In Secret | View Secret |
Check Out Secret | View Secret |
Create Folder |
|
Deactivate Secrets |
|
Fetch Secret by ID | View Secret |
Get Restricted Secrets |
|
Get Secrets | View Secret |
Get Secret States | View Secret |
Search Folders |
|
Search Secret Policies | View Secret Policy |
Search Secrets |
|
Search Secrets by Name | View Secret |
Search Secret Templates | View Secret Templates |
Update Folder | Administer Folders |
Update Secret Password |
|
Update Restricted Secret Password |
|
Test Connection | N/A |
Configuring Delinea Secret Server to Work with D3 SOAR
To use Delinea Secret Server in D3, users must configure RBAC on their own instance. The following sections demonstrate one method to enforce RBAC by creating a custom role, then creating a user and assigning that user to the role.
READER NOTE
The UI of Delinea Secret Server is subject to change. Refer to the following resources for the most current instructions:
Refer to Secret Server Role Permissions List for details on all available permission scopes.
Creating a Custom Role
Log into the Delinea Secret Server UI using administrative credentials.
Navigate to Administration > Users, Roles, Access > Roles, then click the Create Role button.
Enter the role name, then click the Create Role button.
Select the Permissions tab, then click the Add button.
Select the desired permissions, then click the Add button.
Creating a New User and Assigning a Role
Navigate to Administration > Users, Roles, Access > User Management, then click the Create User button.
.png?inst-v=1b09f58b-ce1d-4dbb-9e3d-07bb8e0b056b)
Configure and add the user.
Enter the Username and Display Name.
Create and confirm the password.
Select the Application Account checkbox.
Ensure that the Enable checkbox has been selected.
Click the Add User button.
Refer to Step 3, sub-steps 2 and 3 in Configuring D3 SOAR to Work with Delinea Secret Server.
Navigate to the Roles tab, then click the Edit button.
Select the role created for the user, then save the changes.
Configuring D3 SOAR to Work with Delinea Secret Server
Log in to D3 SOAR.
Find the Delinea Secret Server integration.
.png?inst-v=1b09f58b-ce1d-4dbb-9e3d-07bb8e0b056b)
Navigate to Configuration on the top header menu.
Click on the Integration icon on the left sidebar.
Type Delinea Secret Server in the search box to find the integration, then click it to select it.
Click + New Connection, on the right side of the Connections section. A new connection window will appear.
Configure the following fields to create a connection to Delinea Secret Server.
.png?inst-v=1b09f58b-ce1d-4dbb-9e3d-07bb8e0b056b)
Connection Name: The desired name for the connection.
Site: The site on which to use the integration connection. Use the drop-down menu to select the site. The Share to Internal Sites option enables all internal sites to use the connection. Selecting a specific site will only enable that site to use the connection.
Recipient site for events from connections Shared to Internal Sites: This field is displayed when Share to Internal Sites is selected for the Site field, allowing selection of the internal site for deploying the integration connection.
Agent Name (Optional): The proxy agent required to build the connection. Use the dropdown menu to select the proxy agent from a list of previously configured proxy agents.
Description (Optional): The description for the connection.
Tenant (Optional): When configuring the connection from a master tenant site, users can choose the specific tenant sites with which to share the connection. Once this setting is enabled, users can filter and select the desired tenant sites from the dropdowns to share the connection.
Configure User Permissions: Defines which users have access to the connection.
Active: The checkbox that enables the connection to be used when selected.
.png?inst-v=1b09f58b-ce1d-4dbb-9e3d-07bb8e0b056b)
System: This section contains the parameters defined specifically for the integration. These parameters must be configured to create the integration connection.
1. Input the Delinea Secret Server URL.
2. Copy the User Name from the Delinea Secret Server platform. Refer to step 2 of Creating a New User and Assigning a Role.
3. Copy the Password from the Delinea Secret Server platform. Refer to step 2 of Creating a New User and Assigning a Role.
4. Input the API Version: Ensure to input the correct API version, as certain commands use v1 while others require v2. Each command name includes (From v1) or (From v2) to indicate the required API version.Enable Password Vault: An optional feature that allows users to take the stored credentials from their own password vault. Refer to the password vault connection guide if needed.
Connection Health Check: Periodically checks the connection status by scheduling the Test Connection command at the specified interval (in minutes). Available only for active connections, this feature also allows configuring email notifications for failed attempts.
Test the connection.
Click on the Test Connection button to verify credentials and connectivity. A success alert displays Passed with a green checkmark. If the connection fails, review the parameters and retry.
Click OK to close the alert window.
Click + Add to create and add the configured connection.
Commands
Delinea Secret Server includes the following executable commands for users to set up schedules or create playbook workflows. With the Test Command, users can execute these commands independently for playbook troubleshooting.
Integration API Note
For more information about the Delinea Secret Server API, refer to the Delinea Secret Server API reference: https://{{subdomain}}.secretservercloud.com/app/#/admin/rest-api.
READER NOTE
Certain permissions are required for each command. Refer to the Permission Requirements and Configuring Delinea Secret Server to Work with D3 SOAR for details.
Activate Secrets
Activates specified, inactive secrets.
READER NOTE
Secret IDs is a required parameter to run this command.
Run the Search Secrets command with the Status set to Inactive to obtain the Secret ID of an inactive secret. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v2.
ALERT
When running the Search Secrets command, if $.records[*].checkedOut in the returned raw data is false, the secret must be checked out before activation. Run the Check Out Secret command to change $.records[*].checkedOut to true. If the secret is not checked out, the system returns the error message API_SecretRequiresCheckout.
Input
Input Parameter | Required/Optional | Description | Example |
Secret IDs | Required | The IDs of the secrets to activate. Secret IDs can be obtained using the Search Secrets command, with the Status set to Inactive. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Activate Secrets failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: API_SecretRequiresCheckout. |
Error Sample Data Activate Secrets failed. Status Code: 400. Message: API_SecretRequiresCheckout. |
Check In Secret
Checks in a specified, active secret. The command revokes exclusive access and allows other users to check out and view or edit the secret. Secret Check Out must be enabled before users can check in a secret. Users must disable Check Out before enabling DoubleLock. Once DoubleLock is enabled, users cannot check in the secret. Refer to Enabling Secret Check Out.
READER NOTE
Secret ID is a required parameter to run this command.
Run the Search Secrets command with the Status set to Active to obtain the Secret ID of an active secret. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret ID | Required | The ID of the secret to check in. Secret ID can be obtained using the Search Secrets command, with the Status set to Active. | ***** |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Check In Secret failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: API_CheckoutNotEnabled. |
Error Sample Data Check In Secret failed. Status Code: 400. Message: API_CheckoutNotEnabled. |
Check Out Secret
Checks out a specified, active secret. Check Out must be disabled before enabling DoubleLock. Once DoubleLock is enabled, the secret cannot be checked out.
READER NOTE
Secret ID is a required parameter to run this command.
Run the Search Secrets command with the Status set to Active to obtain the Secret ID of an active secret. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret ID | Required | The ID of the secret to check out. Secret ID can be obtained using the Search Secrets command. | ***** |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Check Out Secret failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Check Out Secret failed. Status Code: 400. Message: Access Denied. |
Create Folder
Creates a new secret folder.
READER NOTE
Parent Folder ID is a required parameter to run this command.
Run the Search Folders command to obtain the Parent Folder ID. Parent Folder IDs can be found in the returned raw data at the path $.records[*].id.
Secret Policy ID is an optional parameter to run this command.
Run the Search Secret Policies command to obtain the Secret Policy ID. Secret Policy IDs can be found in the returned raw data at the path $.records[*].secretPolicyId.
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Folder Name | Required | The name of the folder to be created. | ***** |
Parent Folder ID | Required | The ID of the folder’s parent folder. Folder IDs can be obtained using the Search Folders command. A value of -1 creates a root folder. | 5 |
Inherit Permissions | Required | The option to inherit permissions from the parent folder when set to True. To create a root folder, the value must be False. | False |
Inherit Secret Policy | Required | The option to inherit the Secret Policy from the parent folder when set to True. To create a root folder, the value must be False. | False |
Secret Policy ID | Optional | The ID of the Secret Policy that applies security and other settings to secrets within the folder. Secret Policy IDs can be obtained using the Search Secret Policies command. | ***** |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Create Folder failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 500. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: User does not have the Administer Folder permission. |
Error Sample Data Create Folder failed. Status Code: 500. Message: User does not have the Administer Folder permission. |
Deactivate Secrets
Deactivates the specified, active secrets. Deactivated secrets are hidden from users who do not have a role with the View Deleted Secrets permission. Secret Server uses soft deletes to maintain the audit history for all data.
READER NOTE
Secret IDs is a required parameter to run this command.
Run the Search Secrets command with the Status set to Active to obtain the Secret ID of an active secret. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret IDs | Required | The IDs of the secrets to deactivate. Secret IDs can be obtained using the Search Secrets command with the Status set to Active. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Deactivate Secrets failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Deactivate Secrets failed. Status Code: 400. Message: Access Denied. |
Fetch Secret by ID
Retrieves the details of a single secret by ID.
READER NOTE
Secret ID is a required parameter to run this command.
Run the Search Secrets command to obtain the Secret ID. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret ID | Required | The ID of the secret whose details will be retrieved. Secret ID can be obtained using the Search Secrets command. If details cannot be retrieved, the secret may require restricted actions. Run the Get Secret States command to determine whether the secret requires restricted actions. | ***** |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Fetch Secret by ID failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access denied. |
Error Sample Data Fetch Secret by ID failed. Status Code: 400. Message: Access denied. |
Get Restricted Secrets
Retrieves details of the specified restricted secrets. Details can include domain, user name, and password.
READER NOTE
Secret IDs is a required parameter to run this command.
Run the Search Secrets command to obtain the Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret IDs | Required | The IDs of the restricted secrets whose details will be retrieved. Secret IDs can be obtained using the Search Secrets command. If details cannot be retrieved, the secrets may require restricted actions. Run the Get Secret States command to determine whether the secret requires restricted actions. |
JSON
|
Comment | Optional | The comment to include when retrieving the restricted secret. If the secret requires a comment or approval to view, a reason for accessing the secret must be provided. | Test Comment |
DoubleLock Password | Optional | The DoubleLock password of a secret that is DoubleLocked. | ***** |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Restricted Secrets failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Get Restricted Secrets failed. Status Code: 400. Message: Access Denied. |
Get Secrets
Retrieves details of the specified secrets. Details can include domain, user name, and password. For restricted secrets that require a comment or have DoubleLock enabled, use the Get Restricted Secrets command.
READER NOTE
Secret IDs is a required parameter to run this command.
Run the Search Secrets command to obtain the Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v2.
Input
Input Parameter | Required/Optional | Description | Example |
Secret IDs | Required | The IDs of the secrets whose details will be retrieved. Secret IDs can be obtained using the Search Secrets command. If details cannot be retrieved, the secrets may require restricted actions. Run the Get Secret States command to determine whether the secret requires restricted actions. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Secrets failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Get Secrets failed. Status Code: 400. Message: Access Denied. |
Get Secret States
Retrieves the states of the specified secrets. The command helps users identify whether they require approval, DoubleLock, Check Out, or other restricted actions before running the Get Secrets command.
READER NOTE
Secret IDs is a required parameter to run this command.
Run the Search Secrets command to obtain the Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret IDs | Required | The IDs of the secrets whose states will be retrieved. Secret IDs can be obtained using the Search Secrets command. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Secret States failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Get Secret States failed. Status Code: 400. Message: Access Denied. |
Search Folders
Retrieves folder information by folder name.
READER NOTE
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Folder Name | Optional | The full or partial name of the folder to retrieve. By default, all folders are returned regardless of their name. | d3lab |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Search Folders failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Search Folders failed. Status Code: 403. Message: Access Denied. |
Search Secret Policies
Retrieves secret policies by secret policy name.
READER NOTE
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret Policy Name | Optional | The full or partial name of the secret policy to retrieve. By default, all secret policies are returned regardless of their name. | secretPolicy826 |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Search Secret Policies failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Search Secret Policies failed. Status Code: 403. Message: Access Denied. |
Search Secrets
Retrieves secret information by secret template or status. Results can include restricted secrets.
READER NOTE
Secret Template IDs is an optional parameter to run this command.
Run the Search Secret Templates command to obtain the Secret Template IDs. Secret Template IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v2.
Input
Input Parameter | Required/Optional | Description | Example |
Secret Template IDs | Optional | The IDs of the secret templates on which the secrets are generated. By default, all secrets are returned regardless of their template. Secret Template IDs can be obtained using the Search Secret Templates command. |
JSON
|
Status | Optional | The status used to filter secrets. Available options are:
Secrets with any other status, such as None, are not returned. By default, only active secrets are returned. | Active |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Search Secrets failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Search Secrets failed. Status Code: 403. Message: Access Denied. |
Search Secrets by Name
Retrieves secret information by secret name. Results can include restricted and inactive secrets.
READER NOTE
This command can only be used with API version v2.
Input
Input Parameter | Required/Optional | Description | Example |
Secret Name | Optional | The name of the secret whose information will be retrieved. By default, all secrets are returned. Returned secrets are sorted by secret name in ascending order. | office365AccountSecret_test826 |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Search Secrets by Name failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Search Secrets by Name failed. Status Code: 403. Message: Access Denied. |
Search Secret Templates
Retrieves information about secret templates by secret template name.
READER NOTE
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret Template Name | Optional | The full or partial name of the secret template to retrieve. By default, all secret templates are returned regardless of their name. |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Search Secret Templates failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied. |
Error Sample Data Search Secret Templates failed. Status Code: 403. Message: Access Denied. |
Update Folder
Updates a single secret folder by folder ID.
READER NOTE
Folder ID is a required parameter to run this command.
Run the Search Folders command to obtain Folder ID. Folder IDs can be found in the returned raw data at the path $.records[*].id.
Parent Folder ID and Secret Policy ID are optional parameters to run this command.
Run the Search Folders command to obtain the Parent Folder ID. Folder IDs can be found in the returned raw data at the path $.records[*].id.
Run the Search Secret Policies command to obtain the Secret Policy ID. Secret Policy IDs can be found in the returned raw data at the path $.records[*].secretPolicyId.
This command can only be used with API version v1.
ALERT
Secret policies and permission settings cannot be modified on personal folders.
Input
Input Parameter | Required/Optional | Description | Example |
Folder ID | Required | The ID of the folder to be updated. Folder ID can be obtained using the Search Folders command. | ***** |
Folder Name | Optional | The new name of the folder to be updated. | d3labrootD |
Parent Folder ID | Optional | The ID of the folder’s new parent folder. Parent Folder IDs can be obtained using the Search Folders command. When set to -1, the folder is updated to a root folder. | -1 |
Inherit Permissions | Required | The option to inherit permissions from the parent folder when set to True. To update the folder to a root folder, the value must be False. | False |
Inherit Secret Policy | Required | The option to inherit the Secret Policy from the parent folder when set to True. To update the folder to a root folder, the value must be False. | False |
Secret Policy ID | Optional | The ID of the Secret Policy that applies security and other settings to secrets within the folder. Secret Policy IDs can be obtained using the Search Secret Policies command. | 1 |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Update Folder failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Cannot modify secret policy or permission settings on personal folders. |
Error Sample Data Update Folder failed. Status Code: 400. Message: Cannot modify secret policy or permission settings on personal folders. |
Update Restricted Secret Password
Updates the password of a specified restricted secret on a local Secret Server.
READER NOTE
Secret IDs is a required parameter to run this command.
Run the Search Secrets command to obtain the Secret IDs. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret ID | Required | The ID of the secret whose password will be changed. Secret IDs can be obtained using the Search Secrets command. | ***** |
Comment | Optional | The comment to include when retrieving the restricted secret. If the secret requires a comment or approval to view, a reason for accessing the secret must be provided. | Test Comment |
DoubleLock Password | Optional | The DoubleLock password of a secret that is DoubleLocked. | ***** |
New Password | Required | The new password for the restricted secret. | ***** |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Update Restricted Secret Password failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403 |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Access Denied |
Error Sample Data Update Secret Password failed. Status Code: 403 Message: Access Denied |
Update Secret Password
Updates the password of a specified secret on the local Secret Server. For restricted secrets, use the Update Restricted Secret Password command.
READER NOTE
Secret ID is a required parameter to run this command.
Run the Search Secrets command to obtain the Secret ID. Secret IDs can be found in the returned raw data at the path $.records[*].id.
This command can only be used with API version v1.
Input
Input Parameter | Required/Optional | Description | Example |
Secret ID | Required | The ID of the secret whose password will be updated. Secret ID can be obtained using the Search Secrets command. | ***** |
New Password | Required | The new password for the secret. | ***** |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Update Secret Password failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 500. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: The requested Secret is DoubleLocked. |
Error Sample Data Update Secret Password failed. Status Code: 500. Message: The requested Secret is DoubleLocked. |
Test Connection
Allows users to perform a health check on an integration connection. Users can schedule a periodic health check by selecting Connection Health Check when editing an integration connection.
Input
N/A
Output
Output Type | Description | Return Data Type |
Return Data | Indicates one of the possible command execution states: Successful or Failed. The Failed state can be triggered by any of the following errors:
More details about an error can be viewed in the Error tab. | String |
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Test Connection failed. Failed to check the connector. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Delinea Secret Server portal. Refer to the HTTP Status Code Registry for details. | Status Code: 500. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Exceptions must derive from BaseException. |
Error Sample Data Test Connection failed. Failed to check the connector. Status Code: 500. Message: Exceptions must derive from BaseException. |
FAQ
Enabling Secret Check Out
Navigate to Secrets > All Secrets, then click the secret that needs to be edited.
Click the Security tab, then click the Edit button under the Check Out section.
Enable the Require Check Out option, then save the changes.
