Sharing Secrets

Sharing secrets allows you to collaborate with teammates by giving them controlled access to credentials. You choose whether others can view, edit, or manage each secret, ensuring the right people have the access they need without compromising security.

Share secrets with groups instead of individual users whenever possible. Doing so makes maintaining secret access easier because your supervisor or IT admin can add or remove users as needed, so you do not have to manage those changes.

To share secrets:

  1. Click the Credential Manager icon.

  2. Select a secret to share.

  3. Click the more options button next to the secret's name.

  4. Select Share.

    The browser opens a new tab with the Credential Manager full-page view and displays the sharing tab for that secret on the right-hand side.

    A list shows users who have access and their permission levels. If no users have access, the message 'This secret has not been shared with any other members' appears.

  5. Select Edit.

  6. Select the checkboxes next to users or groups to grant access to the secret. Clear a checkbox to remove their access.

  7. Select the dropdown arrow next to a user to change their sharing permissions.

  8. Choose one of the following permission levels for the folder:

    • Owner: Allows the user to have full control over the secret, including sharing it.

    • Edit: Allows the user to edit the secret.

    • View: Allows the user to view details without making changes.

    • List: Allows the user to see the secret in a list.

    Secret Server considers any secret that you are the owner of as 'Not Shared'. This means the secret does not appear in your 'Shared With Me' list. For secrets you do not own but have List, View, or Edit permissions for, Secret Server treats them as Shared secrets, even if you did not directly share them through the Share menu.

  9. Select Submit.

    After submitting, a confirmation message appears.

  10. Select the x to dismiss the confirmation panel.

Permissions granted to a secret cannot override a user's default system permissions. If a user does not have the Secret Server 'Edit Secret' permission assigned, they cannot edit the secret—even if you share that secret with them and grant Edit permissions. For more information, see Secret Server's Permissions.