Configuring External Credential Storage for Discovery

Megan28
Kilo Contributor

‎04-16-2020 06:43 AM

Is there anyone out there who has successfully used an external credential storage repository (not CyberArk)? For Discovery, I need to get credentials from a third party vault and store them in the ServiceNow instance.

I've read these docs:
- https://docs.servicenow.com/bundle/newyork-servicenow-platform/page/product/credentials/concept/c_Ex...
- https://docs.servicenow.com/bundle/newyork-servicenow-platform/page/product/credentials/concept/exte...

and I have created a JAR file (that just does some logging for now). I attached the JAR to the mid server. How do I go about executing this JAR so that I can test my code?

Labels:
0 Helpfuls
  • 2,075 Views
10 REPLIES 10

tim_broberg
ServiceNow Employee
ServiceNow Employee

‎04-16-2020 10:57 PM

I have not, but I'm working on it right now.

To my understanding, you need to

  • upload the jar file to the instance to be synch'ed to all the mids (warning, this restarts all the mids immediately)
  • install the external credential plugin
  • configure the instance to recognize your external credential
  • create a credential on the instance, and check the external credential box

I don't really know if you need to somehow identify the package of your CredentialResolver.

I do know somebody who applied the Beyond Trust Power Broker Password Safe external credential store, and I will forward this to him for comment.

Let's keep each other posted on our progress.
    - Tim.

0 Helpfuls

DaveHertel
Kilo Sage
In response to tim_broberg

‎04-17-2020 10:23 AM

@tim.broberg  This detail is/would be super helpful - as your work progresses, please share key learnings.   Thycotic is another external store w/o a plugin as you know, and we're confronted with same challenges... how to architect/build/deploy all the required bits for a custom integration to an external store.    Please & Thank you 🙂

0 Helpfuls

Megan28
Kilo Contributor
In response to tim_broberg

‎04-20-2020 07:05 AM

Thank you for this reply. Would love to hear if you've made any progress so far.

Also, this example was sent to me. Maybe it's helpful to you.

- Megan

0 Helpfuls

Ryan Zulli
ServiceNow Employee
ServiceNow Employee

‎04-17-2020 06:51 AM

Just to clarify, you're asking if its possible for servicenow to query your 3rd party external cred vault for its credentials, and then "store" them in the credential table within Servicenow?

or are you trying to just integrate a 3rd party external cred vault with SN Discovery so can use those passwords?

0 Helpfuls