Creating Shared Secret Names

The shared secret consists of a secret name and one or more secret entry names. You can create only a secret name, or a secret name and an entry name. For ease of use, the entry name must match the policy that uses it:

  • For a Form Fill policy, the entry name must match a form field name.

  • For an Identity Injection policy, the entry name must match the Custom Header Name.

  • For an External Attributes policy, Secret Name must match the policy name and Secret Entry Name must match the attribute name configured while creating the policy.

    For example, if the policy name is fetchattr and the attribute name configured in the policy is address, then Secret Name must be fetchattr and Secret Entry Name must be address.

For information about using shared secrets with policies, see Creating and Managing Shared Secrets.

Identity Server needs to be configured to use shared secrets. For information about this process, see Configuring a User Store for Secrets.

Shared secret names can be created on the Custom Attributes page or in the associated policy that consumes them.

  1. Click Devices > Identity Servers > Shared Settings > Custom Attributes > New.

  2. Specify a new shared secret name and, optionally, a secret entry name.

  3. Click OK.

  4. (Optional) To create additional entries for the secret, click the name of the secret, click New, specify an entry name, and click OK.

WARNING: Identity Server cannot determine whether a policy is using a secret. Before you delete a shared secret, you must ensure that it is not in use.