Creating a CyberArk Credential

Follow the steps below to configure a CyberArk credential.

1. Navigate to Configuration | Settings.

2. Select Credentials and click + Add Credential.

3. From the Credential type drop-down, select CyberArk Credential

4. Enter a Name for the credential that fits your business need, in our example we used Hydden CyberArk Platform Credential.

5. For the Username, we use a service account that has been defined in the CyberArk platform. In your CyberArk instance, navigate to Identity Administration | Core Services | Users, select Service Accounts from the right menu. Find the service account created for the Hydden collector and use the Account Login name and Suffix combination.

   

6. Provide the Password associated with the CyberArk Cloud Directory Service Account.

7. For the CyberArk Tenant Name, provide your organization’s tenant name as setup in your CyberArk instance.

8. For the CyberArk Identity ID, us the Identity ID found in your CyberArk instance under your user profile when you select Tenant details | Identity, copy the ID and paste it into the CyberArk Identity ID field.

   

9. Click Add.

This credential enables the Hydden CyberArk data source, once configured, to see and collect the CyberArk Core Services data, like Users, Roles, Policies, etc. as available in an organization’s CyberArk cloud instance. It also enables the collector to access and collect the Accounts list and the CyberArk Safes of that organization.

That collected data can then be used in a Vaulted Credential for other verification or access purposes in Hydden.

Optional Fields on the Modal

• Platform URL: This is the generic CyberArk URL for you organization, usually something like https://yourorganization.privilegecloud.cyberark.cloud.
• Identity URL: The Identity URL can be created by using and adding the CyberArk Identity ID into the following URL format: https://{TenantIdentityID}.id.cyberark.cloud (for example, https://idu8089.id.cyberark.cloud).