Skip to content
Connection Guide

Connect Delinea Secret Server Without Breaking the Audit Trail

Use this guide to connect Delinea Secret Server or confirm the export-based path that fits your environment. Aurora keeps source, timestamps, ownership, and collection history attached so the first run becomes reusable proof instead of one-off setup work.

Connector Summary
Connection typeDirect connection
CategorySecurity
Checklist5 steps
Want help with rollout?
We'll confirm what can be automated, what stays export-based, and how to keep the first evidence record clean.

First-Run Checklist

Use this sequence to connect Delinea Secret Server and make sure the first collection lands cleanly.

  1. 1
    Create a dedicated read-only Secret Server service identity and issue a bearer/API token for it.
  2. 2
    Configure base_url and api_token, then validate the current-user probe.
  3. 3
    Export the customer instance Swagger or REST guide and set users_path, roles_path, role_assignments_path, audit_events_path, and config_snapshot_path to the exact supported list/read surfaces for that deployment.
  4. 4
    Keep runtime collection read-only; do not grant impersonation, secret edit, or folder-administration permissions.
  5. 5
    Revalidate the configured paths before enabling scheduled sync.

Credentials and Secrets

The keys, secrets, or tokens Aurora uses to authenticate and collect proof.

api_token

Recommended Access

Aurora only asks for the minimum read access needed for collection and checks.

Access requirements depend on the collection mode and scope you choose.