Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Adapter for DNP3

TABLE OF CONTENTS

Secrets

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedMar 17, 2025
  • 3 minute read

AVEVA adapters use secrets when authenticating with sources and destinations. All secrets are encrypted and stored in the management_secrets.json file and are referenced by using their ID in other configurations' protected fields (for example, "clientSecret" : "{{Secret#2}}").

See How to reference secrets for more information on how to use a secret Id in other configurations.

Note: For adapters to be as secure as possible, any secret values you configure are stored in encrypted form where cryptographic key material is stored separately in a secure location. If you edit the files directly, the adapter may not work as expected.

Configure secrets

Complete the following steps to configure secrets.

  1. Use the PUT method in conjunction with the http://localhost:5590/api/v1/Management/Secrets REST endpoint to initialize the configuration.

  2. Using a text editor, create an empty text file.

  3. Copy and paste an example configuration for secrets into the file. For example:

    [

    {

    "id": "OmfEgress.DataEndpoints.Endpoint1.ClientSecret",

    "value": "CfDJ8FK3AvrP"

    },

    {

    "id": "MyCustomSecret",

    "description": "This is a secret",

    "expirationdate": "2024-06-17",

    "value": "pEjrGcq7&QK6CF"

    }

    ]

  4. Update the example JSON parameters for your environment. For a table of all available parameters, see the Secrets parameters section below.

  5. Save the file. For example, ConfigureSecrets.json.

  6. Open a command line session. Change directory to the location of ConfigureSecrets.json.

  7. Enter either of the following commands to initialize the secrets configuration.

    cURL example

    curl -d "@ConfigureSecrets.json" -H "Content-Type: application/json" -X PUT "http://localhost:5590/api/v1/Management/Secrets"

    Note: If you installed the adapter to listen on a non-default port, update 5590 to the port number in use.

    Edgecmd example

    edgecmd set secrets -file .\ConfigureSecrets.json

For a list of other REST operations you can perform, like updating or replacing an egress endpoints configuration, see the REST URLs section below.

On successful execution, the secrets change takes effect immediately during runtime.

Secrets parameters

The following parameters are available for configuring secrets:

Parameter

Required

Type

Description

id

Required

string

Id of configuration to be added, edited, or removed.

Allowed value: any string that does not contain curly braces. For example, <secretId> is acceptable but {{<secretId>}}, {<secretId>}, <secret{Id> or {<secretId> are not)

description

Optional

string

Description of the secret.

Note: The Description field is metadata and not used in the adapter.

Allowed value: any string
Default: null

expirationDate

Optional

datetime

Expiration date of the secret.

Allowed formats:

UTC: "yyyy-mm-ddThh:mm:ssZ";
Local: "yyyy-mm-ddThh:mm:ss".

If the time is not specified, it will default to the start of the day (for example, 2025-06-19 will default to 2025-06-19T00:00:00)

Default: null

Note: The ExpirationDate field is metadata and not used in the adapter.

value

Required

string

The secret value.

Allowed value: Any string that is not explicitly enclosed by double curly braces. For example, <value>, {{{<value>}}, or {{<val{ue>}} is acceptable but {{<value>}} is not)

Note: If the value is the masked value "***************", then the value is unchanged from the previous configuration. The system returns an error if the masked value is used when no previous configuration for the Id exists.

REST URLs

For the purpose of readability, the secret id is abbreviated.

Relative URL

HTTP verb

Action

api/v1/management/secrets

GET

Returns entire secrets configuration (secret values will be hidden by *s)

api/v1/management/secrets

PUT

Creates or replaces entire secrets configuration

api/v1/management/secrets

DELETE

Deletes entire secrets configuration

api/v1/management/secrets/<sid>

GET

Returns a single secret if it exists (secret values will be hidden by *s)

api/v1/management/secrets/<sid>

PUT

Creates or replaces a single secret

api/v1/management/secrets/<sid>

DELETE

Deletes a single secret

In This Topic
Related Links
TitleResults for “How to create a CRG?”Also Available in