Add New Credential Store

1. Click Users Groups on the left pane to navigate to User Settings.

2. On the User Management screen, click the Add (+) button in the top-right section.

3. Select the action type and fill in the other fields, then click Submit.

Select an Action Type from the field. Each Action Type is a different method or mechanism for authentication, with its own set of actions or operations. The available Action Types include Basic, SSH key based, Cyberark, SNMPv2, SNMPv3, API Key, Bearer Token, HMAC, HTTP Header, etc. The sections below describe how to create each one.

Basic

Select the Basic option from the dropdown menu. You get the following screen:

Refer to the following table to understand the fields in the above screen.

| Fields | Description |
| --- | --- |
| Action Type | This is the basic authentication method, which involves a username and password. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Username | Add an appropriate username of your choice. |
| Password | Add a password. |

SSH Key Based

Refer to the following table to understand the fields in the above screen.

| Fields | Description |
| --- | --- |
| Action Type | SSH key-based authentication is a method used for securely connecting to remote servers and services over SSH (Secure Shell) without the need to enter a password. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Username | Add an appropriate username of your choice. |
| SSH Private Key | Add the SSH private key, which should be an OpenSSH key in PEM format. |
| Enable Passphrase | Select the checkbox to get an additional field where you can add a Passphrase of your choice. |

Cyberark

Refer to the following table to understand the fields in the above screen.

| Fields | Description |
| --- | --- |
| Action Type | Cyberark is an authentication method which involves storing, retrieving, rotating, and managing privileged credentials (e.g., usernames and passwords) for sensitive systems and accounts. It also includes monitoring and auditing access to privileged accounts. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Name | Name of an object or resource, which typically refers to a specific identifier used to uniquely designate items such as encryption keys, database servers, etc. |
| Application | This term denotes the application or system component linked to the associated resource. Particularly in a complex IAM (Identity and Access Management) environment where multiple applications or systems are utilized, it becomes vital to specify the affiliation of each resource to a particular application. This allows for more granular management of authorization and permissions. |
| Safe | Safe represents a secure repository or vault where privileged credentials, such as usernames and passwords, SSH keys, and other sensitive information, are stored and managed. |
| Folder | Folder serves as a way to organize and categorize objects within a Safe. Objects can include credentials, secrets, and other sensitive information. |
| Port | A specific endpoint for data exchange between two devices or applications within a network. |
| Object Name | This term typically refers to a specific resource or object within an application. It could be a file, folder, database table, or another entity within an application. Object names are used when creating access control lists or configuring authentication and authorization processes. |

SNMPv2

Refer to the following table to understand the fields in the above screen.

| Fields | Description |
| --- | --- |
| Action Type | This authentication method is used to monitor and manage networked devices, such as routers, switches, servers, and network printers. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Community String | The Community String is a basic form of authentication and access control used to manage and monitor network devices. It acts like a password or a shared secret that SNMP agents and managers use to authenticate and authorize SNMP requests. Example: public, private |

SNMPv3

Refer to the following table to understand the fields in the above screen.

| Fields | Description |
| --- | --- |
| Action Type | This authentication method is used to monitor and manage networked devices, such as routers, switches, servers, and network printers. It is an enhanced and more secure version of SNMP compared to its predecessors, SNMPv1 and SNMPv2c. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Authentication Protocol | The authentication protocol used for SNMPv3 includes MD5, SHA, SHA224, SHA256, SHA384, SHA512, etc. |
| Username | Add an appropriate username of your choice. |
| Password | Add a password. |
| Privacy Protocol | The privacy protocols are used for encrypting SNMP payloads, protecting sensitive information from unauthorized access or eavesdropping. There are two primary privacy protocols in SNMPv3: DES and AES. You can also choose other options such as None, AES192, AES192C, AES256, AES256 from the dropdowns. |

API Key

Refer to the following table to understand the fields in the above screen.

| Fields | Description |
| --- | --- |
| Action Type | This is another authentication method used to authenticate and authorize access to an API. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Key | Unique identifier used to connect to, or perform, an API call. |
| Value | Refers to the actual alphanumeric code that makes up the API key. |
| Add To | There are 2 options: Header and Query Params. You can add the API Key to the API Header or in the Query Parameters as needed. |

Bearer Token

Refer to the following table to understand the fields in the above screen.

| Fields | Description |
| --- | --- |
| Action Type | The Bearer Token authentication method is a widely used approach for securing APIs and web services. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Token | The token that is used for authentication. |

HMAC

Refer to the following table to understand the fields in the above screen.

| Fields | Description |
| --- | --- |
| Action Type | HMAC is a specific type of message authentication code (MAC) that uses a cryptographic hash function along with a secret key to create a fixed-size hash value (digest) from the input data. HMAC is commonly used in various security protocols and applications, including securing network communications (e.g., in VPNs and IPsec), web authentication (e.g., OAuth), message authentication in cryptography, and more. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Http header | HTTP headers contain additional information about the request or response, facilitating communication between a client and a server by conveying details like content type, caching directives, authentication credentials, and more. |
| Key | In HMAC, the key is a secret cryptographic key that is used to generate the authentication tag and to verify the authenticity and integrity of a message or data. |
| Type | There are different types of HMAC to select from the dropdown: SHA1, SHA256, SHA512. |
| Prefix | Refers to a sequence of characters added to the beginning of a string, variable, or identifier. |
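The sketch below shows how the four HMAC fields above (Http header, Key, Type, Prefix) typically combine into one request header, and how a receiver checks it. It is an added example, not the product's own code; it assumes the tag covers the raw request body and is hex-encoded, and the header name `X-Signature`, the prefix `sha256=`, the key and the body are constructed sample values.

```python
import hashlib
import hmac

# Hash names follow the Type dropdown on this page (SHA1, SHA256, SHA512).
DIGESTS = {"SHA1": hashlib.sha1, "SHA256": hashlib.sha256, "SHA512": hashlib.sha512}


def build_hmac_header(header_name, key, hmac_type, prefix, body):
    """Return (header name, header value) for a request body.

    Assumption: the tag covers the raw body bytes and is hex-encoded;
    the product's actual signing input and encoding may differ.
    """
    if hmac_type not in DIGESTS:
        raise ValueError(f"unsupported HMAC type: {hmac_type}")
    tag = hmac.new(key, body, DIGESTS[hmac_type]).hexdigest()
    return header_name, prefix + tag


def verify_hmac_header(value, key, hmac_type, prefix, body):
    """Receiver side: recompute the tag and compare in constant time."""
    if hmac_type not in DIGESTS or not value.startswith(prefix):
        return False
    expected = hmac.new(key, body, DIGESTS[hmac_type]).hexdigest()
    received = value[len(prefix):]
    # compare_digest avoids leaking how many leading characters matched.
    return hmac.compare_digest(received.encode(), expected.encode())


# Constructed sample values, not taken from the product.
SAMPLE_KEY = b"constructed-demo-key"
SAMPLE_BODY = b'{"event":"ping"}'

if __name__ == "__main__":
    name, value = build_hmac_header(
        "X-Signature", SAMPLE_KEY, "SHA256", "sha256=", SAMPLE_BODY)
    print(f"{name}: {value}")
    print("valid:", verify_hmac_header(
        value, SAMPLE_KEY, "SHA256", "sha256=", SAMPLE_BODY))
    print("tampered:", verify_hmac_header(
        value, SAMPLE_KEY, "SHA256", "sha256=", SAMPLE_BODY + b" "))
```

A changed body, a different key, or a mismatched Type on either side all make verification fail, which is why the Key, Type and Prefix stored in the credential must match what the receiving service expects.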

HTTP Header

Refer to the following table to understand the fields in the above screen.

| Fields | Description |
| --- | --- |
| Action Type | This is another authentication method which is included in the HTTP message as key-value pairs and is transmitted as part of the HTTP protocol. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Header | Name of secret |
| Value | Value (password of secret) |
