In the authorizations feature, the administrator can define the access policies to senhasegura DSM . It is also possible to define access policies, such as:
Which resources can be accessed;
Authorization expiration date;
IPs allowed to perform requests;
Request origin address;
Environment where the authorization will be used;
System where the authorization will be used;
Secrets that can be accessed;
An application can have more than one authorization with different access policies.
To register an authorization follow the menu: DSM ➔ Applications ➔ Authorizations by application
Lookup for the desired application record and click at New authorization button;
At tab Settings fill the following fields:
Expiration date/time: Set a date and time when the authorization will be automatically revoked;
Enable: Define whether authorization is enabled for use or not;
Enable encryption of sensitive information: Define whether confidential data should be sent encrypted to the application;
If enabled, after saving the authorization, export the decryption key at: DSM ➔ Applications ➔ Authorizations by application;
Search for the desired authorization and click Download public key button;
Environment: Define the authorization environment. This property will be only used within senhasegura reports, logs and dashboards. Its value will not affect the application use;
System: Define the authorization system. This property will be only used within senhasegura reports, logs and dashboards. Its value will not affect the application use;
Allowed IPs: Comma-separated list of IPs that are allowed to use this authorization. Use the wildcard
*to record network intervals. E.g.:
Allowed HTTP referers: Application HTTP referers. It will be validated if exists;
At Secrets tab, select which secrets will be related to the authorization;
Click at Save button to finish;
View authorization API clients
To register a secret follow the menu: DSM ➔ Applications ➔ Authorizations by application.
In the authorization record you want to view the clients, click on the action View Authorization.
Click at View information button to view it information.
chapterCI/CD The CI/CD menu have information such as variables and deploys intercepted by senhasegura DSM through integrations with tools such as GitLab, GitHub, Azure DevOps, Jenkins, among others.
This information is useful for identifying secrets that are being used by applications, but are not being managed by senhasegura DSM .