Using .Net SDK

4 min

the kron pam net sdk allows developers to securely integrate kron pam vault capabilities into net based applications it enables runtime retrieval of privileged credentials, ensuring that applications, scripts, and services can authenticate dynamically without storing passwords locally or in configuration files the sdk is included with the kron pam agent package or available as a standalone package it supports the following framework versions net framework 4 7 net 5 0 net 6 0 net 7 0 net 8 0 the sdk is distributed with the kron pam agent package or a seperated package integration steps create or open your net project (e g , console app) add the kron pam sdk references to the project include the sdk namespaces using aapm sdk; using com kron aapm rpc; ensure the application has network access to the kron pam secrets management agent and/or kron pam password vault example implementation below is a sample test program demonstrating credential retrieval using the kron pam net sdk using aapm sdk; using com kron aapm rpc; string token = "6d8beac9 843c 41d1 8131 0cfc09fc4899"; string aname = "statictestaccount"; string pathname = "/testlinuxservers"; string serveraddress = "https //test krontech com"; string agentaddress = "http //10 20 30 40"; ushort agentport = 6396; try { console writeline("application started!"); var request = new accessrequestvalidtypes { accountname = aname, accounttoken = token, accountpath = pathname, responsetype = validresponsetype json, showusername = true, apiversion = "v2" }; console writeline("request object created!"); // passwordmanager passwordmanager = passwordmanager instance(agentaddress, agentport); // passwordmanager httpaddress(serveraddress); // passwordmanager passwordmanager = passwordmanager instance(agentaddress, agentport); // passwordmanager disableagentsecurechannel(); // passwordmanager disableinterceptorsecurerequest(); // passwordmanager ignoreagentcertificate(); // passwordmanager ignoreinterceptorcertificate(); response response = passwordmanager instance(agentaddress, agentport) httpaddress(serveraddress) disableagentsecurechannel() // disableinterceptorsecurerequest() // ignoreagentcertificate() ignoreinterceptorcertificate() getpassword(request); if (!response haserror()) console writeline("rpc response success = \[" + response getvalue() + "]"); else console writeline("rpc response error = \[" + response geterrvalue() + "]"); } catch (exception e) { console writeline(e); throw; } when executed successfully, the sdk returns live credentials from the kron pam vault rpc response success = \[username aioc, password xhg2vm3t] process finished with exit code 0 configuration parameters parameter definition serveraddress kron pam vault endpoint url token kron pam aapm token assigned for account accountname account name registered in kron pam vault accountpath account path within the vault (e g , /databases/sharedaccouts, /windows) comment optional descriptive comment for the fetching password showusername include username in response (true/false) passwordexpirationtime duration before password expiration (in minutes) passwordchangerequired whether to force a new password rotation upon retrieval prettify enables formatted response output responsetype format of the response (text, json) agentaddress kron pam secrets management agent ip address (hostname) agentport kron pam secrets management agent port number apiversion ensures that the aapm agent returns a response in the same format as kron pam for static credential types (default value v2) disableagentsecurechannel ignores connection errors when using a self signed certificate for the aapm agent disableinterceptorsecurerequest ignores connection errors when using a self signed certificate defined on kron pam ignoreagentcertificate parameter required for using the aapm agent without a certificate (not recommended) ignoreinterceptorcertificate parameter required for using kron pam without a certificate (not recommended)