---
title: Obfuscate access and secret key
description: Using the ASE command line interface, obfuscate the access key and secret key in abs.conf. The access key and secret key has been sent to you through the PingIdentity welcome email. ASE ships with a default master key (ase_master.key) which is used to obfuscate other keys and passwords. You can generate your own ase_master.key. For more information, see Obfuscate key and passwords
component: pingintelligence
version: 5.1
page_id: pingintelligence:pingintelligence_poc:pingintelligence_cloud_obfuscate_access_secret_key
canonical_url: https://docs.pingidentity.com/pingintelligence/5.1/pingintelligence_poc/pingintelligence_cloud_obfuscate_access_secret_key.html
revdate: March 21, 2024
section_ids:
  obfuscate-access-and-secret-keys: Obfuscate access and secret keys
---

# Obfuscate access and secret key

Using the ASE command line interface, obfuscate the access key and secret key in `abs.conf`. The access key and secret key has been sent to you through the PingIdentity welcome email. ASE ships with a default master key (`ase_master.key`) which is used to obfuscate other keys and passwords. You can generate your own ase\_master.key. For more information, see [Obfuscate key and passwords](../api_security_enforcer/pingintelligence_obfuscating_keys_and_passwords.html)

|   |                                                                                                                                              |
| - | -------------------------------------------------------------------------------------------------------------------------------------------- |
|   | During the process of obfuscation password, ASE must be stopped. For more information, see [Stop ASE](pingintelligence_ase_start_stop.html). |

## **Obfuscate access and secret keys**

Enter the access key and secret key provided to you in clear text in `abs.conf`. Run the `obfuscate_keys` command to obfuscate:

```
/opt/pingidentity/ase/bin/cli.sh obfuscate_keys -u admin -p

Please take a backup of config/ase_master.key, config/ase.conf, config/abs.conf, and config/cluster.conf before proceeding

If config keys and passwords are already obfuscated using the current master key, they are not obfuscated again

Following keys will be obfuscated:
config/ase.conf: sender_password, keystore_password
config/abs.conf: access_key, secret_key
config/cluster.conf: cluster_secret_key

Do you want to proceed [y/n]:y
obfuscating config/ase.conf, success
obfuscating config/abs.conf, success
obfuscating config/cluster.conf, success
```

Start ASE after keys are obfuscated. For more information, see [Start ASE](pingintelligence_ase_start_stop.html).

|   |                                                                                                                                       |
| - | ------------------------------------------------------------------------------------------------------------------------------------- |
|   | ```
[.filepath]``ase_master.key`` must be present in the [.filepath]``/opt/pingidentity/ase/config/`` directory for ASE to start.
``` |