This guide walks through the main workflows in the UI.
A User Key stores a user's RSA public key and an encrypted copy of the master key. The private key never leaves the user.
Steps:
- Go to Secrets > User Keys.
- Click Add.
- Paste your RSA public key, or generate a new key pair from the UI.
- Save the User Key.
Notes:
- The first active User Key auto-generates the master key for the system.
- Additional User Keys must be activated by a user who already has an active key.
- The UI creates a key for the current user. If you need to create keys for other users, use the REST API with the appropriate permissions.
If you have netbox_secrets.change_userkey permission and an active key, you can activate other users.
- Go to Secrets > User Keys.
- Click Activate User Keys.
- Select one or more keys and provide your private key.
- Submit to activate.
A session key is required to encrypt or decrypt secrets.
From the UI:
- Open the User Key page.
- Click Request Session Key.
- Paste your RSA private key.
The session key is stored in the browser session and used for subsequent API requests.
Secret Roles are used to categorize secrets (for example, "Login Credentials" or "API Keys").
- Go to Secrets > Secret Roles.
- Add a new role.
- Navigate to an object (for example, a device).
- Click Add Secret.
- Fill in the secret details and plaintext.
- Save.
If you do not have an active session key, the UI prompts you to provide your private key.