Microsoft.PowerShell.SecretManagement Module
Important
The PowerShell team has decided that Secret modules are is feature complete and will no longer be actively developed. The modules will continue to be supported for security and critical bug fixes. The code repository will be archived.
The latest versions published are:
The nature of secrets has fundamentally changed since this project was designed. Passwordless authentication methods such as passkeys, single sign-on, and federated credential systems such as Microsoft Entra ID, biometrics, and hardware security keys are the future.
PowerShell SecretManagement module provides a convenient way for a user to store and retrieve secrets. The secrets are stored in SecretManagement extension vaults. An extension vault is a PowerShell module that has been registered to SecretManagement, and exports five module functions required by SecretManagement. An extension vault can store secrets locally or remotely. Extension vaults are registered to the current logged in user context, and are available only to that user.
Microsoft.PowerShell.SecretManagement Cmdlets
| Cmdlet | Description |
|---|---|
| Get-Secret |
Finds and returns a secret by name from registered vaults. |
| Get-SecretInfo |
Finds and returns metadata information about secrets in registered vaults. |
| Get-SecretVault |
Finds and returns registered vault information. |
| Register-SecretVault |
Registers a SecretManagement extension vault module for the current user. |
| Remove-Secret |
Removes a secret from a specified registered extension vault. |
| Set-Secret |
Adds a secret to a SecretManagement registered vault. |
| Set-SecretInfo |
Adds or replaces additional secret metadata to a secret currently stored in a vault. |
| Set-SecretVaultDefault |
Sets the provided vault name as the default vault for the current user. |
| Test-SecretVault |
Runs an extension vault self test. |
| Unlock-SecretVault |
Unlocks an extension vault so that it can be accessed in the current session. |
| Unregister-SecretVault |
Un-registers an extension vault from SecretManagement for the current user. |