Use CyberArk as a secure configuration provider

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 1 minute to read

    • You can use a CyberArk vault to secure any sensitive data from the MID Server config.xml file.

    Before you begin

    Role required: admin

    Before configuring CyberArk as secured config provider, make sure that JavaPasswordSDK.jar is available in the <mid_installation_folder>/agent/extlib folder.

    About this task

    CyberArk is commonly used to secure credentials in its external vault. However, a MID Server parameter in the config.xml file enables you to store other types of data in CyberArk.

    Procedure

    1. Open the config.xml file in a text editor.
      This file is located in the /agent folder in your MID Server installation path.
    2. Enable this parameter and value:
      <parameter name="mid.secure_config.provider" value="com.service_now.mid.services.config.CyberArkSecuredConfigProvider"/>
    3. Configure specific data to secure in the CyberArk vault.
      Use the following example as a guide.
      1. Secure the MID Server credentials by setting this parameter to match the ID and Type for that data in your CyberArk integration configuration. 
        <parameter name="mid.instance.username" secure="true" value="cyberark: id=<CyberArk ID>, type=<CyberArk type>"/>
<parameter name="mid.instance.password" secure="true" value="cyberark: id=<CyberArk ID>, type=<CyberArk type>"/>
      2. Secure the URL of the instance by setting this parameter to match the ID and Type for that data in your CyberArk configuration.
        <parameter name="url" secure="true" value="cyberark: id=<CyberArk ID>, type=<CyberArk type>"/>
    4. Save the configuration file.
    5. Restart the MID Server.