Managing Parameter Storage
SailPoint Parameter Storage allows admins to store and update privileged credentials in a single SailPoint managed secure repository. Parameter Storage provides secure handling of sensitive customer data removing the need for external storage solutions.
Parameter Storage supports three categories of parameters, each with several types.
-
Authentication - These are username + secret or other pieces of data that are required to authenticate an action.
-
Credential
-
Azure Entra ID Client
-
HTTP Custom Authorization
-
OAuth 2.0 Client Credentials Grant
-
-
Connection - These are parameters that are used to connect to target systems of actions. These could be hostnames, IP addresses, URLs etc. These are often repeated and if changed, benefit from one central place to update.
-
Active Directory
-
Entra ID
-
Server Address
-
WebApp
-
Kerberos
-
-
Authorization – This represents the authorization required for the action where the parameter is used.
- OAuth Scopes
Note
Parameter Storage is only available for customers in AWS regions where AWS Nitro Enclaves that SailPoint employs are supported.
Creating a Parameter
-
Go to Admin > Global > Parameter Storage.
-
Select Create Parameter.
-
Enter a unique Name for the parameter.
-
Enter a Description.
-
Select an Owner.
-
Select a Category. Choose between Authentication and Connection.
The category you select determines the type options to choose from.
-
Select a Type.
The type you choose determines the remaining fields you need to fill out. Select a type below to go to the table for the type of parameter you chose for the rest of the fields.
If you chose Authentication as the category, the type options are:
If you chose Connection as the category, the type options are:
If you chose Authorization as the category, the type options are:
-
After you’ve filled out all remaining fields, select Save to save the new parameter.
Note
You cannot edit the category or type of parameter after it has been created.
Authentication Parameters
Credential
Field | Description |
---|---|
Username | Enter the username . This can be any username, including a fully qualified domain username or an email address. |
Password | Enter the password. Before saving, select the unmask icon ![]() |
Azure Entra ID Client
Field | Description |
---|---|
Client ID | Enter a client ID. |
Client Secret | Enter the Client Secret. Before saving, select the unmask icon ![]() |
HTTP Custom Authorization
Field | Description |
---|---|
Header Name | Enter the header name. |
Header Value | Enter the header value. Before saving, select the unmask icon ![]() |
OAuth 2.0 Client Credentials Grant
Field | Description |
---|---|
Token URL | Enter the token URL. |
Client ID | Enter the Client ID. |
Client Secret | Enter the Client Secret. Before saving, select the unmask icon ![]() |
Credential Location | Select the credential location. Choose between Header and Body. |
Connection Parameters
Active Directory
Field | Description |
---|---|
Domain Controllers | Enter one or more domain controllers. Press Enter between values. To remove one that has been added, select the remove icon ![]() |
LDAPS Port [TLS] | Enter the LDAPS port. |
LDAP Port | the LDAP port. |
Domain FQDN | Enter the Domain FQDN. |
Entra ID
Field | Description |
---|---|
Tenant ID | Enter the tenant ID. |
Server Address
Field | Description |
---|---|
Address | Enter the DNS Address or IPv4 Address. |
WebApp
Field | Description |
---|---|
URL | Enter the URL. |
Kerberos
Field | Description |
---|---|
Realm | Enter the realm. |
KDC Address | Enter the KDC address. |
Port | Enter the port. |
Transport | Select the transport. Choose between UDP and TCP. |
Authorization Parameter
OAuth Scopes
Field | Description |
---|---|
Scopes | Enter one or more values. Press Enter between values. To remove one that has been added, select the remove icon ![]() |
Managing Parameters
The Parameters page is a centralized location to manage your organization’s stored parameters. You can view details, edit, update the secret, and delete a parameter.
Viewing Parameters
View details about the parameters from the Parameters page.
-
Go to Admin > Global > Parameter Storage.
-
Select the Actions icon
next to the parameter you want to view details for and choose View Details.
-
Select Close to exit out of the Details page.
Editing Parameters
Parameters can be edited after being created except for the category or type of parameter.
-
Go to Admin > Global > Parameter Storage.
-
Select the Actions icon
and choose Edit.
-
Make any changes you want to make.
-
Select Save to save your changes.
Updating the Parameter Secret
If a parameter secret has been changed, update the parameter secret.
-
Go to Admin > Global > Parameter Storage.
-
Select the Actions icon
and choose the Update option relevant to the parameter’s secret type.
-
Enter the new secret.
-
Select the unmask icon
to view the supplied secret before saving. You cannot unmask a secret after it has been saved.
-
Select Update to save changes.
Deleting Paramters
Parameters in use cannot be deleted. If the Delete button is disabled, the parameter is in use.
-
Go to Admin > Global > Parameter Storage.
-
Select Action icon
and choose Delete.
Documentation Feedback
Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.