cancel
Showing results for 
Search instead for 
Did you mean: 

CyberArk - Target app password update

AnastasiosKrap1
Level 3
Hi community,

has any one used CyberArk to secure and automatically update the passwords of the target applications used in automations?

Challenge: we want to secure production applications credentials from any user (e.g. Admin, Devs, Controllers etc.) and the only entity aware of the passwords must be the owner Runtime Resource (Robots). So, i wonder if CyberArk (or any other relevant platform such as Hitachi) provides the functionality to update the target's applications credentials transparently.

Note: We also consider the approach of creating an automation of the password update flow for each underlying application, but we obviously prefer the above mentioned way (if that's possible).

Thanks

------------------------------
Anastasios Krapis
EY
Europe/London
------------------------------
1 BEST ANSWER

Helpful Answers

Hi Anastasios, 

CyberArk might be the best resource here. 

However, for more information on CyberArk integrations with Blue Prism, please refer to this article: 'How does CyberArk integrate with Blue Prism' from the Support Portal. It  also goes into more detail on using the Blue Prism Login Agent to change Passwords.

------------------------------
Shiyanbade Animashaun
Senior Product Consultant
Blue Prism
------------------------------

View answer in original post

3 REPLIES 3

Hi Anastasios, 

CyberArk might be the best resource here. 

However, for more information on CyberArk integrations with Blue Prism, please refer to this article: 'How does CyberArk integrate with Blue Prism' from the Support Portal. It  also goes into more detail on using the Blue Prism Login Agent to change Passwords.

------------------------------
Shiyanbade Animashaun
Senior Product Consultant
Blue Prism
------------------------------

Hi Shiyanbade,
 

Above links and document is more on talking about creating AIM and getting the passwords from CyberArk and how to use the login agent in this process,  But it didn't mention about how to update  new credentials  back to Cyberark.  Do you think is it possible to do it ?and if it is then  can you refer some documentation?

------------------------------
Harish
RPA Developer
------------------------------

The short answer is yes it's possible. But CyberArk has changed over the years so contacting CyberArk would be the best way to go here and they can tell you what's possible. Blue Prism isn't really a hindrance either way because even if an integration doesn't exist or perhaps a Skill on the DX (there appear to be two but here's one of them: link to DX), you can still just make API calls to CyberArk to use any of their functionality. For example, at least in CyberArk v10, it was possible to update a password of an account stored as a secret: link to CyberArk docs.

It depends on what version of CyberArk you're using, and it also very much depends on the model/way in which you're using it. CyberArk is built on the idea of rotating passwords automatically, it seems, though you can also purposefully change the passwords and update them by API call as well. However, if I remember correctly, CyberArk v9.x and below do not give you the ability to change a password by API, but CyberArk v10.x does, but I don't know about v11.x because I haven't used it.

I should mention that I did not use AIM or if it somehow was involved, I was unaware of it. 😃 I went strictly with the use of the REST API services that CyberArk offers, and I used Blue Prism to periodically change passwords and then push the new passwords to CyberArk.

But I do agree that it's best to ask CyberArk about this.

------------------------------
Dave Morris
Cano Ai
Atlanta, GA
------------------------------

Dave Morris, 3Ci at Southern Company