...
Field Name | Description | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Details | This section contains detailed information about the credential. | ||||||||||||
Name |
| ||||||||||||
Version | System-supplied; version number of the current record, which is incremented by Universal Controller every time a user updates a record. Click on the Versions tab to view previous versions. For details, see Record Versioning. | ||||||||||||
Description |
| ||||||||||||
Member of Business Services |
| ||||||||||||
| Type of Credential.
| ||||||||||||
Provider | Specifies Provider. Options:
Default is Universal Controller. | ||||||||||||
Provider Parameters | When switching the Provider option, the default Provider Parameters for each provider will be populated. When switching to the Universal Controller provider, the Provider Parameters will not be displayed. | ||||||||||||
Runtime User |
| ||||||||||||
Runtime Password |
| ||||||||||||
Key Location |
| ||||||||||||
Passphrase |
| ||||||||||||
Token |
| ||||||||||||
Metadata | This section contains Metadata information about this record. | ||||||||||||
UUID | Universally Unique Identifier of this record. | ||||||||||||
Updated By | Name of the user that last updated this record. | ||||||||||||
Updated | Date and time that this record was last updated. | ||||||||||||
Created By | Name of the user that created this record. | ||||||||||||
Created | Date and time that this record was created. | ||||||||||||
Buttons | This section identifies the buttons displayed above and below the Credential Details that let you perform various actions. | ||||||||||||
Save | Saves a new Credential record in the Controller database. | ||||||||||||
Save & New | Saves a new record in the Controller database and redisplays empty Details so that you can create another new record. | ||||||||||||
Save & View | Saves a new record in the Controller database and continues to display that record. | ||||||||||||
New | Displays empty (except for default values) Details for creating a new record. | ||||||||||||
Update |
| ||||||||||||
Test Provider | For providers other than Universal Controller, Test Provider button will be available for validating the configured Provider Parameters. | ||||||||||||
Convert... | Allows you to convert the current Credential Type to a new type and define a new password for the Credential (see Converting Credential Types). | ||||||||||||
Delete |
| ||||||||||||
Refresh | Refreshes any dynamic data displayed in the Details. | ||||||||||||
Close | For pop-up view only; closes the pop-up view of this credential. | ||||||||||||
Tabs | This section identifies the tabs across the top of the Credential Details that provide access to additional information about the credential. | ||||||||||||
|
|
Provider Parameters
When switching the Provider option, the default Provider Parameters for each provider will be populated.
...
If a provider parameter is sensitive, it will be masked and encrypted and the server will never send a secure parameter value to the client.
AWS Secrets Manager
Provider Parameter | Required | Description |
---|---|---|
ACCESS_KEY_ID | true | The AWS access key, used to identify the user interacting with AWS. |
SECRET_ACCESS_KEY | true | The AWS secret access key, used to authenticate the user interacting with AWS. |
REGION | true | The region name (e.g., us-east-1). |
SECRET_ID | true | The ARN or name of the secret to retrieve. |
SECRET_PASSWORD_KEY | false | If this secret was created by using the console, then Secrets Manager stores the information as a JSON structure of key/value pairs. Specifies the key for the password in the JSON structure.
|
SECRET_PASSPHRASE_KEY | false | Specifies the key for the passphrase in the JSON structure.
|
SECRET_TOKEN_KEY | false | Specifies the key for the token in the JSON structure.
|
CACHE_TTL | false | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 3600 seconds / 1 hour) |
Azure Key Vault
Provider Parameter | Required | Description |
---|---|---|
KEY_VAULT_NAME | true | The name of the Key Vault used to build the vault URL to send HTTP requests to.
|
SECRET_NAME | true | The name of the secret. |
CLIENT_ID | true | The client (application) ID. |
TENANT_ID | true | The Azure Active Directory tenant (directory) Id. |
CLIENT_SECRET | The client secret used to authenticate.
| |
CLIENT_ASSERTION | The client assertion used to authenticate.
| |
PEM_CERTIFICATE | The path of the PEM certificate used for authenticating.
| |
PFX_CERTIFICATE | The path of the PFX certificate used for authenticating.
| |
PFX_CERTIFICATE_PASSWORD | The password for the PFX certificate.
| |
CACHE_TTL | false | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 28800 seconds / 8 hours) |
CyberArk Credential Provider
Provider Parameter | Required | Description |
---|---|---|
APPLICATION_ID | true | The unique ID of the application issuing the password request. |
SAFE | true | The name of the Safe where the password is stored. |
FOLDER | true | The name of the folder where the password is stored. |
OBJECT | true | The name of the password object to retrieve. |
REASON | false | The reason for retrieving the password. |
CACHE_TTL | false | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 5 |
CyberArk Central Credential Provider
Provider Parameter | Required | Description |
---|---|---|
HOST | true | The hostname of the Central Credential Provider. |
PORT | true | The port of the Central Credential Provider. |
APPLICATION_ID | true | The unique ID of the application issuing the password request. |
SAFE | true | The name of the Safe where the password is stored. |
FOLDER | true | The name of the folder where the password is stored. |
OBJECT | true | The name of the password object to retrieve. |
CACHE_TTL | false | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 5 seconds) |
...