I’m curious to know what customers strategies are for managing and protecting the API keys used to access secrets protected by DAP/Conjur.
When developers ask what the value of exchanging a clear text password for a clear text API key we can certainly offer the explanation that when integrated with EPV we are able to perform rotations but I’ve seen this not be truly satisfying to some people. If one compromised the key then they would be able to expose all passwords.
Do you combine this with AIM? Do you use encryption on scripts? Any assistance would be appreciated