Personal Access Tokens
Personal Access tokens allow you to use automation scripts and CLI commands in your Cryptographic Security Platform Vaults that are using OIDC for authentication.
The following vaults must have OIDC without AD configured:
-
Cryptographic Security Platform Vault for Cryptographic APIs
-
Cryptographic Security Platform Vault for KMIP
-
Cryptographic Security Platform Vault for Secrets
The following vaults support using OIDC, AD or local authentication at the same time. For these vaults, only users with the OIDC authentication type (OIDC without AD) can use personal access tokens.
-
Cryptographic Security Platform Vault for Cloud Keys
-
Cryptographic Security Platform Vault for Databases
-
Cryptographic Security Platform Vault for VM Encryption
Each user can have one personal access token. The tokens act like passwords, and are not stored in Cryptographic Security Platform Vault. You must keep track of your own personal access token and keep it safe. If the personal access token is lost, there is no way to retrieve it. You will need to delete the existing token and create a new one.
Once created, you can use your personal access token when you login by providing it as a password. This allows your scripts and CLI to function seamlessly.
