Automatically create entries in Password Safe

hansi

We are using the Password Safe and we are happy about using that. Sow far all entries have been entered manually and now we want to add entries automatically as well.

As a part of our deployment process on Linux systems, we use an Ansible script to finalise the deployment. The script sets a grub- and a root password. For now we create those entries manually in Password Safe.

We want to automatise this and use REST API calls. I’m uncertain how to do this. The fields we want to use in Password Safe are default fields. From what I can see in the instruction videos, the API builder can be used?

Can you give an example?

Best regards,
Tue Hansen
Service Architect Linux
Banedanmark

gabriel

Hello and welcome to the forum :)

In most r3 apps, automating tasks like this via API calls would be simple. But the PW Safe uses end to end encryption. This means that the server does not have access to the encryption keys required to handle encrypted data - this is done 100% on the user´s end (ie. on the frontend).

In theory, it would be possible for a server to only encrypt for others, as this just requires the public keys for each user the entry would be encrypted for. But we have not implemented this option on the backend yet.

E2EE is a very good standard to strive for, but it does have downsides, such as backend systems being limited on what they can do. A more basic, system wide encryption would enable this use case, but alas.

hansi

Hi gabriel,

Thank you and thank you for a prompt response!

I didn't think about the E2EE in that regard :(.

gabriel

Creating encrypted records for users on the backend is still a solvable issue, I am pretty sure - it would just require some dev time for r3.

Reading/modifying encrypted data on the backend is however a no-go, as this would negate E2EE. For just adding new entries, creation alone would be sufficient I would hope.