Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Understanding how credentials are retrieved from CyberArk

Updated on October 19, 2022

Credentials within the CyberArk Vault are stored as accounts in a safe. To retrieve a credential, the provider (the user assigned to the CyberArk Application Access Manager instance) and the application ID must have access to the safe. For more information, see Assigning safe access.

When Pega Robotic Automation makes a credential request, it uses the following values to query CyberArk:

nameThe name of the credential element.
applicationIDThe application ID that is granted access to the safe.
safeThe name of the safe to query.
folderThe name of the folder within the safe where the account is stored.
objectnameThe object name of the credential to be retrieved.
domain(Optional) The name of the property where the domain should be retrieved. By default, the integration looks for the domain option. If you provide this value, your entry overrides the default behavior.

Pega Robotic Automation stores these values in the CredentialManagerConfig.xml file, which is located in the following folder: C:\ProgramData\Pegasystems.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us