In order for Clarify to determine which vault to use at runtime, a connected server must be configured for remote or local usage.
- its own local vault;
- a remote vault in another Clarify server.
For example, a vault that exists on a server is considered a Local vault (to that server only). However, a server could use one vault and all of its entries (for example a vault in a QA server), and then at a later time, switch over and use a vault in a different Clarify server and all of its vault entries (for example, a vault in a Production Clarify server). This would be a Remote vault (again, to that connected server). What’s defined as local or remote is always from the perspective of the connected server.
Use the Vault Configuration Wizard to set local or remote vaults. To launch this wizard, click the Configure button located in the Auth Vault view toolbar.
Set connected server to use local vault
Setting a vault as local means that auth info to be used by Web Service calls is available from a vault that is local to the connected server.
Set connected server to use remote vault
A Remote Vault is how a connected server can access another server's vault entry
Once the server has been connected for a Remote Vault, the vault entries for the remote server now appears in the Admin Console.
To revert back to a Local Vault from Remote Vault: just re-select the Local Vault Radio button for that connected server.
Other Auth Toolbar Options
Several toolbar options on the Auth Vault setting view can be used to configure vault connections.
View Vault Configuration
The configuration of local or remote vault takes place in the Vault Configuration Wizard which can be opened from the Auth toolbar in the Auth Vault settings view.
This confirms if the connected server has the selected vault running on it.
- When connected locally, a message appears that the vault is running on the connected server
- When connected remotely, the server node(s) along with user name are confirmed.
Make changes to an existing vault entry - basically, refresh token and authorization type. You can not change the Alias or Environment. If you need to change Alias or Environment, you must delete the entry and create another.