I am currently using authentication.ps1 to store users’ credentials in Windows Authentication Manager after that log in to access a dashbaord. I noticed that the following code is added to Variables.ps1 file automatically:
I’m curious to know how this is done automatically. Is there commands in another configuration file somewhere that I am missing? Is there a configuration file that automatically looks for credentials in Windows Credential manager, then the code listed above gets added to Variables.ps1 file?
When you create new secrets in PSU, it stores the actual value of the secret in the Windows Credential Manager and only references the secret in varaibles.ps1.
We are actually using the Microsoft Secret Management Module and calling Set-Secret to create the secret in the store. Then, when you want to use the variable, we call Get-Secret to load the secret from the store and pass it to the jobs or use it to start processes.
Ok, I think I am starting to connect the dots here. What I’m working with is not creating them within the PSU gui but allowing them to be created by the script (specifically in the authentication.ps1 file).
If I understand correctly, the rest API provided here Importing Secret Variables (with script) - #2 by adam creates the credentials as a PSU secret variable and then the Set-Secret creates the credentials in Windows Credential Manager. Is that correct? If I’m using the api call to create the credentials in PSU that way, do I still need to use Set-Secret to create them in Windows Credential manager as well?
@adam do you mind to elaborate on the different above (creating the credentials with the API vs Set-Secret and if both are needed for my situation)? Thanks!
@adam related question: These variables are supposed to be visible in dashboards correct? I set one and I can’t see it when starting my dashboard. PS 7.1.3 Framework 3.5.1
