In working with the Delinea Secret Server Azure DevOps Task we found we had passwords not being marked as secret. In further review we found the isSecret code snippet which is attempting to determine if the field is secret based on the name. I am requesting an improvement to use the information returned from the API, as we have fields that are secret and do not align with the name match that is setup.
To expand, when calling the /api/v2/secrets/id, each item returned from this API call have a key "isPassword" which is a boolean that could be used to easily identify if the admin of Secret Server intended for the field to be masked. See the REST API reference below. Secret Server allows the creation of custom templates allowing an admin to mark fields as passwords as they desire. Leveraging the "isPassword" from the API really is a must to ensure the fields are being marked appropriately in the Azure DevOps pipeline as the field name could be almost anything an admin wanted to set.
In working with the Delinea Secret Server Azure DevOps Task we found we had passwords not being marked as secret. In further review we found the isSecret code snippet which is attempting to determine if the field is secret based on the name. I am requesting an improvement to use the information returned from the API, as we have fields that are secret and do not align with the name match that is setup.
To expand, when calling the /api/v2/secrets/id, each item returned from this API call have a key "isPassword" which is a boolean that could be used to easily identify if the admin of Secret Server intended for the field to be masked. See the REST API reference below. Secret Server allows the creation of custom templates allowing an admin to mark fields as passwords as they desire. Leveraging the "isPassword" from the API really is a must to ensure the fields are being marked appropriately in the Azure DevOps pipeline as the field name could be almost anything an admin wanted to set.
https://updates.thycotic.net/secretserver/restapiguide/11.3.3/TokenAuth/#tag/Secrets/operation/SecretsService_GetSecretV2
Please let me know if there is any additional details I can provide.