From 32500d68c14e8d168172b63588edccdf1f99901e Mon Sep 17 00:00:00 2001 From: Loren Yeung Date: Fri, 27 Feb 2026 09:39:27 -0800 Subject: [PATCH] Update API_KEY_SECRET_ID instructions for clarity Clarified the requirements for the API_KEY_SECRET_ID in the context of creating a Custom Secret Manager, specifying scope limitations for secret usage. --- .../add-a-cyberark-conjur-custom-secret-manager.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/platform/secrets/secrets-management/add-a-cyberark-conjur-custom-secret-manager.md b/docs/platform/secrets/secrets-management/add-a-cyberark-conjur-custom-secret-manager.md index 29f6ac63c15..ea51db58b43 100644 --- a/docs/platform/secrets/secrets-management/add-a-cyberark-conjur-custom-secret-manager.md +++ b/docs/platform/secrets/secrets-management/add-a-cyberark-conjur-custom-secret-manager.md @@ -82,7 +82,7 @@ This topic shows you how to create a Secret Manager Template at the Project scop - **Value**: `<+input>` - `API_KEY_SECRET_ID` - **Type**: String - - **Value**: `conjur_api_key` + - **Value**: `<+input>` - `AUTHENTICATOR` - **Type**: String - **Value**: `<+input>` @@ -192,7 +192,7 @@ This topic shows you how to add a Custom Secret Manager in the project scope. - Select **Fixed** for the `CONJUR_APPLIANCE_URL`, `HOST_ID`, `AUTHENTICATOR`, `API_KEY_SECRET_ID`, and `ACCOUNT`. - - The `API_KEY_SECRET_ID` should be an identifier for a Harness Secret, to be used for authenticating with Conjur. Create the secret using any secret manager other than Conjur. Based on where you create the secret, this can be in the format of `account.secretid`, `org.secretid`, or just `secretid`. + - The `API_KEY_SECRET_ID` should be an identifier for a Harness Secret, to be used for authenticating with Conjur. Create the secret using any secret manager other than Conjur. Based on where you create the secret, this can be in the format of `account.secretid`, `org.secretid`, or just `secretid`. Note that if you're creating the Custom Secret Manager at an org or account scope, the secret must exist at either the same scope or higher - i.e. an org level Custom Secret Manager cannot use a project level secret, only an org or account secret, whereas a project level Custom Secret Manager can use a secret from any of the 3 levels. - The following values are used to authenticate with Conjur using this API URL format: