Use CyberArk as a secure configuration provider

  • Release version: Australia
  • Updated April 29, 2026
  • 1 minute to read

    • You can use a CyberArk vault to secure any sensitive data from the MID Server config.xml file.

    Before you begin

    Role required: admin

    Before configuring CyberArk as secured config provider, make sure that JavaPasswordSDK.jar is available in the <mid_installation_folder>/agent/extlib folder.

    To configure the MID Server to connect to CyberArk using AIM, see CyberArk JAR import.

    About this task

    CyberArk is commonly used to secure credentials in its external vault. However, a MID Server parameter in the config.xml file enables you to store other types of data in CyberArk.

    Procedure

    1. Open the config.xml file in a text editor.
      This file is located in the /agent folder in your MID Server installation path.
    2. Enable this parameter and value:
      <parameter name="mid.secure_config.provider" value="com.service_now.mid.services.config.CyberArkSecuredConfigProvider"/>
    3. Configure specific data to secure in the CyberArk vault.
      Use the following example as a guide.
      1. Secure the MID Server credentials by setting this parameter to match the ID and Type for that data in your CyberArk integration configuration. 
        <parameter name="mid.instance.username" secure="true" value="cyberark: id=<CyberArk ID>, type=<CyberArk type>"/>
<parameter name="mid.instance.password" secure="true" value="cyberark: id=<CyberArk ID>, type=<CyberArk type>"/>
      2. Secure the URL of the instance by setting this parameter to match the ID and Type for that data in your CyberArk configuration.
        <parameter name="url" secure="true" value="cyberark: id=<CyberArk ID>, type=<CyberArk type>"/>
    4. Save the configuration file.
    5. Restart the MID Server.