Accessing Secret Server programmatically - PHP sample script

Secret Server Webservices can be called using scripts. This example demonstrates how to authenticate, retrieve a Secret, and update a Secret programatically in PHP. This is a working example for Secret Server Online; a test user infromation has been filled in and OrganizationCode passed in. The test user has been restricted to only viewing and editing this one Secret. There is also a perl script example.

If connecting to an Installed instance change the url  to match your site and pass in empty string for organizationCode.


These modules will need to be enabled in the php.ini
extension_dir = "ext" (depends on path to extension directory)



$secretServerURL = "";

//$secretServerURL = "http://localhost/webservices/SSWebService.asmx?WSDL";

$username = "thycotictest";
$password = "passwordt";
$organizationCode= "RT9R"; //only needed for Secret Server Online account
$secretId = 154178;

//Create the SOAP Client

print $secretServerURL."\n";
print "\n";
print "\n";

$soapClient = new SoapClient($secretServerURL);

//Get Version (simpliest call)

$versionResult = $soapClient->__soapCall("VersionGet", array());
$version = $versionResult->VersionGetResult->Version;
print "Secret Server Version is ".$version;
print "\n";
print "\n";


$params = array();
$params["username"] = $username;
$params["password"] = $password;
$params["organization"] = $organizationCode;

$authenticationResult = $soapClient->Authenticate($params);
$errors = (array) $authenticationResult->AuthenticateResult->Errors;
if(count($errors) > 0)
 print "Login Error for user(".$username.") : ".$errors["string"]."\n";

print "Login Successful \n\n";
$token = $authenticationResult->AuthenticateResult->Token;

//Load the Secret

$params = array();
$params["token"] = $token;
$params["secretId"] = $secretId;

$secretGetResult = $soapClient->GetSecret($params);
$errors = (array) $secretGetResult->GetSecretResult->Errors;
if(count($errors) > 0)
 print "Error getting Secret Id (".$secretId.") : ".$errors["string"]."\n";


$secret = $secretGetResult->GetSecretResult->Secret;
$secretTemplateId = $secret->SecretTypeId;
$secretName = $secret->Name;
$secretItems = (array)$secret->Items->SecretItem;

print "Secret Name: ".$secretName."\n\n";

foreach ($secretItems as $secretItem)
 $fieldName = $secretItem->FieldName;
 $fieldValue = $secretItem->Value;
 print $fieldName." : ".$fieldValue."\n";

print "\n\n";

//Update the Notes Field on the Secret

$updatedSecret = $secret;
$timestamp = @date("M-d-Y h:i:s",time());
$updatedValue = "This value was updated through webservices at ".$timestamp;
$indexOfNotes = 3;
print "Updating the Field (".$updatedSecret->Items->SecretItem[$indexOfNotes]->FieldName.") to : \n'".$updatedValue."'\n\n";
$updatedSecret->Items->SecretItem[$indexOfNotes]->Value = $updatedValue;

$params = array();
$params["token"] = $token;
$params["secret"] = $updatedSecret;

$secretUpdateResult = $soapClient->UpdateSecret($params);
$errors = (array) $secretUpdateResult->UpdateSecretResult->Errors;
if(count($errors) > 0)
 print "Error updating Secret Id (".$secretId.") : ".$errors["string"]."\n";

print "Update Successful\n\n";


Article ID: 110, Created On: 10/8/2010, Modified: 7/25/2013

Feedback (0)