• /
  • EnglishEspañolFrançais日本語한국어Português
  • Log inStart now

Verified script execution for private locations

To prevent others from using your Synthetics Job Manager to assign scripted browsers, API tests, or step monitors, add verified script execution. Then, any changes to your Synthetics Job Manager will require a passphrase that is known only to you.

The private locations list in New Relic's UI includes a VSE column. A lock icon indicates that verified script execution has been set up for that location.

Passphrase security

Be sure to safeguard your Synthetics Job Manager's passphrase. No other users on your account can view it, and it is never stored in New Relic's collector.

Important

This restriction includes New Relic support personnel. Because our collector never stores your passphrase, our support team cannot recover or reset your passphrase for you. If you forget your passphrase, you will need to change it in the Synthetics Job Manager Overview page, and then update each monitor assigned to that private location.

Enable verified script execution

Do the following to enable verified script execution for the Synthetics Job Manager. Be sure to record your passphrase in a secure place.

  1. Go to one.newrelic.com > Synthetic monitoring > Private locations > (select a private location). Select the private location's ellipses icon, and click Edit. Enable verified script execution, and then save.

  2. Set the passphrase in your Docker or Kubernetes environment for synthetics job manager:

    • Docker:

      Add the VSE_PASSPHRASE environment variable to the Docker run command used to start your synthetics job manager:

      bash
      $
      docker run \
      >
          --name YOUR_CONTAINER_NAME \
      >
          -e "PRIVATE_LOCATION_KEY=YOUR_PRIVATE_LOCATION_KEY" \
      >
          -e VSE_PASSPHRASE="YOUR_PASSPHRASE" \
      >
          -v /var/run/docker.sock:/var/run/docker.sock:rw \
      >
          -d \
      >
          --restart unless-stopped \
      >
          newrelic/synthetics-job-manager:latest

    • Kubernetes:

      Set the synthetics.vsePassphrase value in the Helm install or upgrade command:

      bash
      $
      helm install YOUR_JOB_MANAGER_NAME YOUR_REPO_NAME/synthetics-job-manager -n YOUR_NAMESPACE --set synthetics.privateLocationKey=YOUR_PRIVATE_LOCATION_KEY --set synthetics.vsePassphrase=YOUR_PASSPHRASE

  3. From the Synthetics UI, select a monitor assigned to that location. Then select Settings > General.

  4. From the list of private locations, select your location, type your passphrase, and save. Be sure to record your passphrase in a secure place.

  5. Repeat steps 3 and 4 for each monitor you want to assign to your location.

Change your passphrase

To change your passphrase, do the following. Be sure to record your passphrase in a secure place.

  1. Update the passphrase in your Docker or Kubernetes environment for the synthetics job manager:

    • Docker:

      Stop your current synthetics job manager. Then use the Docker run command to start a new synthetics job manager with your updated VSE_PASSPHRASE environment variable:

      bash
      $
      docker run \
      >
        --name YOUR_CONTAINER_NAME \
      >
        -e "PRIVATE_LOCATION_KEY=YOUR_PRIVATE_LOCATION_KEY" \
      >
        -e VSE_PASSPHRASE="YOUR_PASSPHRASE" \
      >
        -v /var/run/docker.sock:/var/run/docker.sock:rw \
      >
        -d \
      >
        --restart unless-stopped \
      >
        newrelic/synthetics-job-manager:latest

    • Kubernetes:

      Use the Helm upgrade command to set your updated synthetics.vsePassphrase value:

      bash
      $
      helm install YOUR_JOB_MANAGER_NAME YOUR_REPO_NAME/synthetics-job-manager -n YOUR_NAMESPACE --set synthetics.privateLocationKey=YOUR_PRIVATE_LOCATION_KEY --set synthetics.vsePassphrase=YOUR_PASSPHRASE

  2. Go to one.newrelic.com > Synthetic monitoring > (click the assigned monitor) > Settings > General.

  3. From the list of private locations, select your location, type your new passphrase, and save.

  4. Repeat steps 2 and 3 for each monitor assigned to your location.

Disable verified script execution

To disable verified script execution:

  1. Remove the passphrase in your Docker or Kubernetes environment:

    • Docker:

      Stop your current synthetics job manager container. Then use the Docker run command to start a new job manager without the VSE_PASSPHRASE environment variable:

      bash
      $
      docker run \
      >
        --name YOUR_CONTAINER_NAME \
      >
        -e "PRIVATE_LOCATION_KEY=YOUR_PRIVATE_LOCATION_KEY" \
      >
        -e VSE_PASSPHRASE="YOUR_PASSPHRASE" \
      >
        -v /var/run/docker.sock:/var/run/docker.sock:rw \
      >
        -d \
      >
        --restart unless-stopped \
      >
        newrelic/synthetics-job-manager:latest

    • Kubernetes:

      Use the Helm upgrade command without the --set synthetics.vsePassphrase value:

      bash
      $
      helm install YOUR_JOB_MANAGER_NAME YOUR_REPO_NAME/synthetics-job-manager -n YOUR_NAMESPACE --set synthetics.privateLocationKey=YOUR_PRIVATE_LOCATION_KEY

  2. Go to one.newrelic.com > Synthetic monitoring > Private locations (select a private location). Clear the Enable verified script execution checkbox, then save.

Copyright © 2026 New Relic Inc.
CareersTerms of ServiceDMCA PolicyPatent NoticePrivacy NoticeCookie PolicyUK Slavery Act

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.