Reference Guide
Secrets

Application Token

1min

Applications, programs, or scripts log in with the credentials of target systems, databases, etc., just like real people do. The passwords that the client applications use are stored in databases, configuration files, etc. This makes the target systems vulnerable if the client application is hacked or compromised in any way, causing the passwords to be accessed and used to attack the target systems.

To prevent this, target system passwords can be managed by Password Vault, and client applications can retrieve account passwords using Application Token Rest API.

Before configuring AAPM accounts, an SAPM account should be created.