Add New Credential Store
1. Click Users Groups in the left pane to navigate to the User Settings.
2. On the User Management screen, click the Add (+) button in the top-right section.
3. Select the action type, fill in the other fields, then click Submit.
Select an Action Type from the field. Each Action Type is a different method or mechanism for authentication, and each has its own set of associated actions or operations. The available Action Types include Basic, SSH key based, Cyberark, SNMPv2, SNMPv3, API Key, Bearer Token, HMAC, HTTP Header, etc. The following sections show how to create each of these Action Types.
Select the Basic option from the dropdown menu. You get the following screen:
Refer to the following table to understand the fields in the above screen.

| Field | Description |
| --- | --- |
| Action Type | This is the basic authentication method, which involves a username and password. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Username | Add an appropriate username of your choice. |
| Password | Add a password. |

Refer to the following table to understand the fields in the above screen.

| Field | Description |
| --- | --- |
| Action Type | SSH key-based authentication is a method used for securely connecting to remote servers and services over SSH (Secure Shell) without the need to enter a password. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Username | Add an appropriate username of your choice. |
| SSH Private Key | Add the private key; it should be the OpenSSH key in PEM format. |
| Enable Passphrase | Select the checkbox to get an additional field where you can add a Passphrase of your choice. |

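
A pre-submission check for the SSH Private Key and Enable Passphrase fields, as an added example that is not part of the product: it confirms the pasted text is a PEM private key and reports whether the key is encrypted and therefore needs a passphrase. The function names and the header-only stub input are constructed for illustration.

```python
import base64
import re
import struct

PEM_RE = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.S)
OPENSSH_MAGIC = b"openssh-key-v1\x00"   # start of the OpenSSH key container


def inspect_private_key(text: str) -> dict:
    """Classify a pasted key: PEM label and whether it needs a passphrase."""
    m = PEM_RE.search(text.strip())
    if not m:
        raise ValueError("not PEM: missing BEGIN/END armor lines")
    label, body = m.group(1), m.group(2)
    if "PRIVATE KEY" not in label:
        raise ValueError(f"PEM block is {label!r}, not a private key")
    if label == "OPENSSH PRIVATE KEY":
        raw = base64.b64decode("".join(body.split()))
        if not raw.startswith(OPENSSH_MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        off = len(OPENSSH_MAGIC)
        # First field after the magic is the cipher name (length-prefixed).
        (n,) = struct.unpack(">I", raw[off:off + 4])
        cipher = raw[off + 4:off + 4 + n].decode("ascii")
        encrypted = cipher != "none"
    elif label == "ENCRYPTED PRIVATE KEY":   # PKCS#8, always encrypted
        encrypted = True
    else:                                    # legacy RSA/EC/DSA PEM headers
        encrypted = "Proc-Type: 4,ENCRYPTED" in body
    return {"label": label, "needs_passphrase": encrypted}


def constructed_stub(cipher: bytes) -> str:
    """Constructed header-only blob (no key material), for demonstration."""
    raw = OPENSSH_MAGIC + struct.pack(">I", len(cipher)) + cipher
    b64 = base64.b64encode(raw).decode()
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + b64 +
            "\n-----END OPENSSH PRIVATE KEY-----\n")


if __name__ == "__main__":
    print(inspect_private_key(constructed_stub(b"none")))
    print(inspect_private_key(constructed_stub(b"aes256-ctr")))
```
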
Refer to the following table to understand the fields in the above screen.

| Field | Description |
| --- | --- |
| Action Type | Cyberark is an authentication method which involves storing, retrieving, rotating, and managing privileged credentials (e.g., usernames and passwords) for sensitive systems and accounts. It also includes monitoring and auditing access to privileged accounts. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Name | Name of an object or resource, typically a specific identifier used to uniquely designate items such as encryption keys, database servers, etc. |
| Application | The application or system component linked to the associated resource. In a complex IAM (Identity and Access Management) environment where multiple applications or systems are used, it becomes vital to specify which application each resource belongs to. This allows for more granular management of authorization and permissions. |
| Safe | A Safe is a secure repository or vault where privileged credentials, such as usernames and passwords, SSH keys, and other sensitive information, are stored and managed. |
| Folder | A Folder is a way to organize and categorize objects within a Safe. Objects can include credentials, secrets, and other sensitive information. |
| Port | A specific endpoint for data exchange between two devices or applications within a network. |
| Object Name | Typically refers to a specific resource or object within an application. It could be a file, folder, database table, or another entity within an application. Object names are used when creating access control lists or configuring authentication and authorization processes. |

Refer to the following table to understand the fields in the above screen.

| Field | Description |
| --- | --- |
| Action Type | This authentication method is used to monitor and manage networked devices, such as routers, switches, servers, and network printers. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Community String | The Community String is a basic form of authentication and access control used to manage and monitor network devices. It acts like a password or a shared secret that SNMP agents and managers use to authenticate and authorize SNMP requests. Example: public, private |

Refer to the following table to understand the fields in the above screen.

| Field | Description |
| --- | --- |
| Action Type | This authentication method is used to monitor and manage networked devices, such as routers, switches, servers, and network printers. It is an enhanced and more secure version of SNMP compared to its predecessors, SNMPv1 and SNMPv2c. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Authentication Protocol | The authentication protocols available for SNMPv3 include MD5, SHA, SHA224, SHA256, SHA384, SHA512, etc. |
| Username | Add an appropriate username of your choice. |
| Password | Add a password. |
| Privacy Protocol | The privacy protocols are used for encrypting SNMP payloads, protecting sensitive information from unauthorized access or eavesdropping. There are two primary privacy protocols in SNMPv3: DES and AES. You can also choose other options such as None, AES192, AES192C, AES256, AES256 from the dropdown. |

Refer to the following table to understand the fields in the above screen.

| Field | Description |
| --- | --- |
| Action Type | This is another authentication method, used to authenticate and authorize access to an API. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Key | Unique identifier used to connect to, or perform, an API call. |
| Value | The actual alphanumeric code that makes up the API key. |
| Add To | There are 2 options: Header and Query Params. You can add the API Key to the API Header or to the Query Parameters as needed. |

Refer to the following table to understand the fields in the above screen.

| Field | Description |
| --- | --- |
| Action Type | The Bearer Token authentication method is a widely used approach for securing APIs and web services. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Token | The token that is used for authentication. |

Refer to the following table to understand the fields in the above screen.

| Field | Description |
| --- | --- |
| Action Type | HMAC is a specific type of message authentication code (MAC) that uses a cryptographic hash function along with a secret key to create a fixed-size hash value (digest) from the input data. HMAC is commonly used in various security protocols and applications, including securing network communications (e.g., in VPNs and IPsec), web authentication (e.g., OAuth), message authentication in cryptography, and more. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Http header | HTTP headers contain additional information about the request or response, facilitating communication between a client and a server by conveying details like content type, caching directives, authentication credentials, and more. |
| Key | In HMAC, the key is a secret cryptographic key that is used to generate the authentication tag and to verify the authenticity and integrity of a message or data. |
| Type | The HMAC types available in the dropdown are: SHA1, SHA256, SHA512. |
| Prefix | A sequence of characters added to the beginning of a string, variable, or identifier. |

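
How the Http header, Key, Type, and Prefix fields can combine into a signed request, with the matching receiver-side check, as an added example that is not the product's own code. It assumes the request body is the signed message and that the header value is the prefix followed by the hex digest (the page does not state what the product signs); the header name, prefix, key, and body are constructed sample values.

```python
import hashlib
import hmac

# Maps the "Type" dropdown values from the table to hashlib constructors.
HMAC_TYPES = {"SHA1": hashlib.sha1, "SHA256": hashlib.sha256, "SHA512": hashlib.sha512}


def sign_request(body: bytes, key: bytes, hmac_type: str,
                 header: str, prefix: str = "") -> dict:
    """Sender side: return the HTTP header to attach for this body."""
    try:
        digestmod = HMAC_TYPES[hmac_type.upper()]
    except KeyError:
        raise ValueError(f"unsupported HMAC type: {hmac_type!r}") from None
    if not key:
        raise ValueError("HMAC key must not be empty")
    tag = hmac.new(key, body, digestmod).hexdigest()
    return {header: prefix + tag}


def verify_request(body: bytes, headers: dict, key: bytes, hmac_type: str,
                   header: str, prefix: str = "") -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    received = headers.get(header)
    if received is None:
        return False
    expected = sign_request(body, key, hmac_type, header, prefix)[header]
    # compare_digest avoids leaking how many leading characters matched.
    return hmac.compare_digest(received.encode(), expected.encode())


# Constructed sample values (assumptions, not taken from the product).
SAMPLE_KEY = b"constructed-demo-key"
SAMPLE_HEADER = "X-Signature"
SAMPLE_PREFIX = "sha256="
SAMPLE_BODY = b'{"device":"router-01","action":"poll"}'

if __name__ == "__main__":
    hdrs = sign_request(SAMPLE_BODY, SAMPLE_KEY, "SHA256", SAMPLE_HEADER, SAMPLE_PREFIX)
    print(hdrs)
    # A body altered in transit no longer matches the tag.
    print(verify_request(SAMPLE_BODY + b" ", hdrs, SAMPLE_KEY, "SHA256",
                         SAMPLE_HEADER, SAMPLE_PREFIX))
```
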
Refer to the following table to understand the fields in the above screen.

| Field | Description |
| --- | --- |
| Action Type | This is another authentication method, in which the credential is included in the HTTP message as key-value pairs and transmitted as part of the HTTP protocol. |
| Visibility | Provides visibility to either your own organization or all the other organizations. The options are: 1) My Organizations, 2) All Organizations. |
| Friendly Name | Any name the user wants to use. |
| Description | Provide a description of the Credential Store. |
| Header | Name of secret |
| Value | Value (password of secret) |