Vaulted Credential

For Hydden to access and use any of the vaulted data collected, a Vaulted Credential must be configured. The collection is based on a multi-step workflow.

The platform credential, is used to access and retrieve the list of vaults or safes and the accounts and roles, etc. in the integration product. The Vaulted Credential can than be pointed to access one of those vaulted accounts to use as a credential.

How to Create a Vaulted Credential

This procedure shows the vaulted credential configuration steps based on a CyberArk integration.

1. Navigate to Configuration | Settings.
2. Select Credentials and click + Add Credential.
3. From the Credential type drop-down, select Vaulted Credential.
4. From the Vault Credential Connections drop-down, select the vendor platform credential you would like to use.
5. From the Select Safe drop-down, select the specific safe or vault.
6. From the Select Account drop-down, select the specific account Hydden discovered in that safe or vault.
7. (CyberArk only) If the selected account has platform-specific properties, a Username Field selector appears. Select the field to use as the credential username. Available fields depend on the CyberArk platform configuration for that account.
8. After the account selection, the Hydden Credential Name automatically populates, this can be edited/customized.

CyberArk Username Field Selection

When checking out a CyberArk vaulted credential, Hydden retrieves the account's platform properties and makes them available as username field options. This allows you to select a platform-specific field (such as a custom login name or service account identifier) instead of the default CyberArk username.

The available username fields depend on the platform configuration in CyberArk and vary by account.