Delinea Secret Server

  • Updated on Sep 17, 2025
  • Published on Sep 5, 2025
  • 2 minute(s) read
Prev Next

Delinea Secret Server is an enterprise-grade password management solution designed to help organizations securely store, manage, and control access to privileged credentials. For more information check Delinea’s official documentation.

Integration Method: API

Tables: Entity Management (3004), Group Management (3006)

This integration supports the following events.

Event

Description

Folder Audits

List of activities performed by user on folder

Folder Access Groups

List of groups having access to a folder

Folders

List of all the folders in Delinea

Secrets

List of all the secrets stored in Delinea

This integration supports the following versions.

Delinea Secret Server Version

22-07-2025

Delinea Secret Server API version

V2 for Secrets, V1 for other endpoints

Prerequisites

  • Access to Delinea Secret Server dashboard using System Administrator account

  • The user should have access to the DataBee console

Configuration Overview

  1. Generate an API token with the required scopes

  2. Add the Delinea Secret Server data feed in the DataBee console with the below parameters.

    DataBee Parameter

    Delinea Secret Server Parameter

    Client Key

    Username

    Client Secret

    Password

Delinea Secret Server Configuration

  1. Login to Delinea Secret Server Platform.
     

  2. Navigate to Access > Users from the sidebar.
     

  3. Navigate to More > Add service user.
     

  4. Add the ‘Username’ in format username@domain as shown below. Add appropriate ‘Display name’ and set a strong password. Store the username and the password securely as they’ll be used to configure the data source later on.
     

  5. Select the appropriate group if applicable and then click on Add.

    Note:

    Login with these credentials to the UI once to activate the user.

     

  6. Navigate to the Roles > Add Role.
     

  7. Fill out the necessary information then click on Save button.
     

  8. Navigate to Permissions > Add Permissions.
     

  9. Assign the permissions shown below.

    Title

    Name

    Administer Secret Server Folders

    delinea.vault/secretserver/administration/folders/ad

    View Identity settings

    delinea.platform/identity/admin/read

    Administer Secret Server Folder:

  10. Click on Users.
     

  11. Navigate to Users (In Filters) > Service users.
     

  12. Click on the service user created earlier.
     

  13. Navigate to Roles > Assign Roles.
     

  14. Select the role assigned earlier then click on Assign.
     

  15. Now we must give folder permission to the service user for each root level folder. If you have the complex folder structure skip to the Step 20.

  16. Navigate to Secret Server > Your Folder > 3 Dots after the name of the folder > Edit folder.
     

  17. Navigate to Permissions > Edit > Add.
     

  18. Select the service user created earlier. Select View in Folder Permissions and List in Secret Permissions. Then click on Save.
     

  19. Repeat the Step 16-18 for each root level folder. Make sure each sub folder inherited the permissions from parent folder. If any folder is not inherited parent perform the Step 16-18 for those folders as well.
     

  20. In case of multiple root folders with different ownerships or complex folder structures in which giving permission Individually is difficult, Contact Delinea Support Team and raise support case for the same.
     

  21. Navigate to Settings > Secret Server > Secret Server Connection. Here Login and Secret Server URL are in formats https://<instance_name>.delinea.app/identify/ and https://<instance_name>.secretservercloud.com respectively. Take the instance_name from these URLs and store it securely as it will be used to configure the data source.
     

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for the Delinea Secret Server and click it as shown below.
     

  3. Click on the API Ingest option for collection method.
     

  4. Enter feed contact information and click Next.
     

  5. In the configuration page, confirm the following:

    • API Base URL: Replace the <instance> with your instance name.

    • Authorization Method: OAuth2.

    • Client Key: Paste the username created earlier.

    • Client Secret: Paste the password.

    • Token URL: Replace the <instance> with your instance name.

    • Event Types: Preselected for all the event types that integration pulls.
       

  6. Click on Test Connection, then click Submit.

Troubleshooting Tips

  • Ensure that the username and the password are correct. Paste them on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.

  • Ensure that Permissions and Role given to the Service User are correct.