While setting up appian temporary admin credentials are to be provided to the password.properties files which appian deletes after the app server restart where does it store these credentials? What happens to the other credentials stored in the password. properties file where does appian store them? I did look into the Appian_DB but i could only find hashed passwords for users.
Discussion posts and replies are publicly visible
Hello Ankur,
Is there any use case related to this question? Or is this just for the sake of curiosity? Or are you facing a problem or something similar?
Jose
Information security needs to know the alogrithm Appian uses to hash the password. We use Enterprise Password Vault which will be integrated with Appian and the password are changed periodically (Admin, email, DB) hence the requirement to locate the password repository.
Hi Ankur V,
If your infosec team has low-level curiosity regarding authentication and authorization, a good place to start would be to familiarize yourself with the available documentation on Appian Authentication.
Specifically, I think, you'll want to review the details on Appian authentication vs LDAP auth, and SAML auth.
I cannot speak specifically to integration with Enterprise Password Vault.
If you're not able succeed with a supported Appian configuration, consider opening a ticket with Appian Support.
Robert Shankin I am very much aware of the how the AA works with LDAP/SAML and their integration with Appian and any questions on that front i can very much answer them. There are passwords that are being stored in plaintext format on appian they would want to secure that with an enterprise password vault and especially for the DB connection from appian cloud to on-premise DB. I guess I would have them talk to Appian InfoSec directly for hashing and Salting methods used.