1. Secure Vault - Overview
Secure vault is used to store the sensitive information which needs to be provided during the automation execution process.
All secure data is stored in the Vault as secrets. Vault encrypts these secrets before writing them to persistent storage.
1.1: Key and Value Pair
For any secure vault variables, there would be a key and a value pair available. The value that gets stored can be under either “Global” scope or “User” scope level.
For more details, refer What is meant by Global/User scope? section.
When a new key is getting created, the value would be stored under both Global & User scope level.
For more details on key and value pair, refer How to Create a Key and Value Pair Under Secure Vault
1.1.1: What is meant by Global/User scope?
The scope defines which value must be picked up by the bot during execution, when the key is being referenced.
User scope takes priority over the Global scope. When a task is executed by a Jiffy user and the key/value pair is available at user scope for that particular Jiffy User ID, the same is used.
If the key value pair is not available at the User scope level, the system checks for the key value existence at a global level and uses it for execution.
- Jifuser1 has created a new key value pair with name “weblogin_password”.
- This key value pair is stored at both “Global” and “User” scope level. For the user scope, it would take the userID as Jifuser1.
- Jifuser3 edits the same key and provides the value and keep the scope at “User” level.
- The key “weblogin_password” is used in Task1.
When Jifuser2 tries to execute the task, the bot would check whether the value is available at user level for Jifuser2. Since it is not available, the value which is provided at the Global level will be used during execution.
When Jifuser1 tries to execute the task, the bot would check whether the value is available at user level for Jifuser1. and if so, it would provide the value back to the value which is stored for the key “weblogin_password” by the same user.
When Jifuser3 tries to execute the task, the bot would check whether the value is available at user level for Jifuser3. Since it is available, the value which is provided at the user level for user “Jifuser3” would be picked up.
1.2: Task Import – Export – Impact on Secure Key
When a task is getting imported to an environment, only the secure key is imported. The values associated with the key from the exported environment is not available in the environment where the task is imported to.
The user must edit the secure key to add a value.
- As a best practice the secure key should be added at the USER level in PRODUCTION environments.
- The user who is scheduling the tasks must add the secure key value as the bot would be fetching the values based on the user who has scheduled the task.