Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Keeper Password Manager Support
#1
Da das bei anderen Feature-Requests hier im Forum ja auch so toll klappt wollte ich folgenden Passwortmanager für die Integration vorschlagen:

https://keepersecurity.com/

Die Doku zu den Schnittstellen wäre hier:

Developer Tools - Enterprise Guide (keeper.io)


Würde uns sehr freuen, wenn ihr das in Betracht ziehen könntet.


Viele Grüße
Florian
Reply
#2
ok
Regards/Gruss
Oliver
Reply
#3
Hi,
I up this post.

is Keeper Secrets Manager integration planned in a future release?

Best regards.
Reply
#4
We have started to integrate - I have to check the current status...
Regards/Gruss
Oliver
Reply
#5
Will try to continue asap...
Regards/Gruss
Oliver
Reply
#6
thanks for reply, I will be patient  Cool
Reply
#7
First basic implementation is ready in 2022 Patch9 - they have indroduced a new API via NuGet-Package but this supports not really much - we can just read all Secrets - but they plan to extend their new API
Regards/Gruss
Oliver
Reply
#8
Oh wow great to hear! I'll start testing this feature soon!
Reply
#9
Unfortunately i dont get this to synchronize in any way - how can i debug this? The command line sync is not working either because my account uses MFA.
The configuration json is correctly created but if i want to synchronize a credential folder i just get "Reading data from 'Keeper Secrets Manager' failed. Index was outside the bounds of the array."
Reply
#10
We have to check that - I guess the used API do not support MFA - but I'm not sure at the moment
Regards/Gruss
Oliver
Reply
#11
Also i would highly recommend storing the json data encrypted in the user database and not unencrypted on disk - especially the default location of Documents gets saved to OneDrive - so plain text access tokens to the Keeper Secrets Manager is stored unencrypted locally and on OneDrive to "lazy" users.

Oh and by command line sync i meant the command line from ASG:
"C:\Program Files\ASG-Remote Desktop 2022 (X64)\ASGRD.exe" /syncaction:Keeper /syncid:44f...30 "/syncoutput:c:\temp\sync.txt" "/instance:..." "/loginusername:florian" "/loginpassword:*pwd*" /loginsubmit
Reply
#12
After a few days (maybe ASG restarts?) the sync is now working and i can successfully connect with credentials from Keeper Secrets Manager!
When does it update its records? Do i have to manually click "Synchronize now" in the folder or is there a setting on when this gets synchronized automatically?

So just a few improvement suggestions:
- as stated above store the KSM access data not in plain text on disk - maybe use the encrypted user database?
- synchronize folder layout - currently all folders are ignored and all secrets are just created in as a "flat hierachy" - unchecking the setting "create as flat hierarchy" has no effect
- synchronizing "only object names" results in an "Unhandled exception" if the credential is used in a connection - only "Sync objects with all data" is working
- if synchronized with all data the password can be shown by using "Show/hide password" in the credential field - it would be great if it would be possible to deny or disable that


Thanks so far for the integration and your work :-)
Reply
#13
Sync can be automated in different ways - you can use the command line to add a Windows Task (in Scheduler) - so it can run at any time you want. In Settings=>Startup you find an option to "Ask for sync on startup" - else you need to sync manually

Problem with KSM is that they have different ways how to access the data via API - command line tool, .NET Nuget package, ... and all have different feature sets (ugly for general integration) - currently we use the Nuget-Package because it is the easiest way - and I also reported that this includes only a subset of features - response was that it will be enhanced in future - perhaps you can also request that again!

And that's the first problem - folder structure can't be read with that Nuget package! Please raise support request (on KSM) that this should be implemented for better integration!!! I wait for newer version and will enhance the functionality in ASGRD asap.

Only object names - will check that! Seems to be a bug...

Show passwords in cleartext - option to disable is in Settings=>Environment=>Common
Regards/Gruss
Oliver
Reply




Users browsing this thread: 1 Guest(s)