Notifications

367 views

Description

According to the document "CyberArk credential storage integration" it is mentioned to have the support for REST (with basic authentication overrides)

Once configured the same to have the Azure Service Principal Discovery with Cyberark External Credential Store, the discovery fails with below error.

CredentialResolver to resolve Azure_SP/azure/null

They have the integration of Azure credentials through the API  working for SNMPv3 and basic auth successfully, but note however that docs page (specifically the section with #dummycredentials.properties ) doesn't list the type for Azure, nor does it have examples of the keys to be set in the hashmap returned for Azure.

The credential resolver jar must return a Hashmap with proper key (case sensitive) and non-null valid values for the same in order to be properly utilized by CMP, the keys for which are mentioned below: 

  • name:
  • tenant_id: 
  • client_id: 
  • auth_method:
  • secret_key: 

The issue is that even the customer resolver passes the correct hashmap, the credential validation fails with above-mentioned error with null objects.

Steps to Reproduce

  1. Configure Azure credentials with Cyberarc
  2. Create the Azure Service Account and choose to use the Credentials from Externalcredential store (cyberarc)
  3. Execute Azure subscription discovery
  4. Returning the hashmap in the same order as mentioned, hashmap output is : {name=azure, tenant_id=xxxxxxxxxxxxxxxxxxxxxxxxx, client_id=xxxxxxxxxxxxxxxxxxxxxxxxx, auth_method=Client Secret, secret_key={[xxxxxxxxxxxxxxxxxxxxxxxxx}
  5. Still issue persists with same error mentioned below:

Using a high-security credential: HighSecurityCredential: Azure_SP/azure/null

Workaround

This problem is currently under review. You can contact ServiceNow Technical Support or subscribe to this Known Error article by clicking the Subscribe button at the top right of this form to be notified when more information will become available..

 


Related Problem: PRB1346683

Seen In

SR - Security - Integration Framework - Madrid 2019 Q2
SR - Security - Support Common - Madrid 2019 Q2
SR - Security - Support Orchestration - Madrid 2019 Q2
SR - VR - Qualys - New York 2019 Q3
SR - VR - Shodan Exploit - New York 2019 Q3
SR - VR - Solution Management Madrid Q2
SR - VR - Vulnerability Response - New York 2019 Q3
SR - VR - Vulnerability Response PA Content - Madrid 2019 Q2

Intended Fix Version

Paris

Safe Harbor Statement

This "Intended Fix Version" information is meant to outline ServiceNow's general product direction and should not be relied upon in making a purchasing decision. The information provided here is for information purposes only and may not be incorporated into any contract. It is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. The development, release, and timing of any features or functionality described for our products remains at ServiceNow's sole discretion.

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2020-08-06 03:43:23
Published:2020-04-12