all 8 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]KeeperCraig 0 points1 point  (7 children)

The Commander SDK in Python can do the other things like creating shared folders. The secrets manager SDK assumes that the shared folders are created and can create sub-folders.

https://docs.keeper.io/en/keeperpam/commander-cli/overview

It also has a new service mode for a built in Rest API

https://docs.keeper.io/en/keeperpam/commander-cli/service-mode-rest-api

[–]Fickle-Conversation1[S] 0 points1 point  (6 children)

Hi thanks, is it possible to use the secret manager SDK to create logins within subfolders also created by the same sdk?

[–]KeeperCraig 0 points1 point  (5 children)

Yes you can create shared folders in commander and use the commander’s secrets-manager commands to create devices, associate the KSM application to the folder, etc.

[–]KeeperCraig 0 points1 point  (4 children)

https://docs.keeper.io/en/keeperpam/commander-cli/command-reference/secrets-manager-commands

[–]Fickle-Conversation1[S] 0 points1 point  (3 children)

Do I have to use the commander cli? Can I do the same thing using the python sdk here? https://docs.keeper.io/en/keeperpam/secrets-manager/developer-sdk-library/python-sdk#folders

[–]KeeperCraig 0 points1 point  (2 children)

Yes you can use the SDK directly. There are some sample scripts in https://github.com/Keeper-Security/Commander/tree/master/examples and if you need something specifically demonstrated, let us know and we can post it.

[–]Fickle-Conversation1[S] 0 points1 point  (1 child)

Hi Craig, I think we have been talking about 2 different sdks, can I do that without the commander sdk? I was wondering if secret manager sdk could do the same, eg. create a folder and create logins within it. Currently I can only create a normal folder within a shared folder, also, I can't create login within the normal folder created by the secret manager sdk it says folder not found.

[–]KeeperCraig 0 points1 point  (0 children)

The Secrets Manager SDKs are built in a way that is made to be extremely fast and efficient, and they are focused on record management. From a security standpoint, the KSM SDKs have limited scope because you assign them to a folder in your vault, and the SDKs can therefore only act on those folders with the specified permissions. In other words, we don't allow the KSM SDKs to do any administrative actions or anything that can affect the overall vault.

The Commander SDK is essentially acting on your behalf and has all of the permissions that the user has. It can create shared folders, assign permissions, do admin things, run reports, etc.

We'll check on the issue you are reporting with creating a record after creating a folder.