Get Credential Failed To Read XXXX From Credential Store Type Thycotic Secret Server Error Code 2304 Asset Name XXXX

Resolution when retrieving Asset from Delinea (formerly known as Thycotic) Server is not possible

Pre-requisites: For Automation Cloud,

  1. Ensure the Delinea (formerly known as Thycotic) Credential Store is added. Tenant--->Credential Stores
  2. Select the default store for Robots and Assets.


Issue Description: While accessing Get Credential on Studio, "Get Credential Failed to read XXXX from Credential Store type Thycotic Secret Server Error code 2304 Asset name: XXXX" is thrown.


Resolution: Steps to follow,

How to make sure that the user configured in the access rule has access to read the secret

  1. Check if a rule is configured in Client Onboarding (example below: Orchestrator-Test client having Orchestrator-Test user account)

  1. Check if the secret is shared with the actual user account. Also, if a robot1-secret is present inside the RobotCredentials folder

image.png


  1. Check if the folder/folder inheritance permissions do not block the user account from reading the secret. The security policies need to be taken into consideration:

image.png

It will not work if Secret Permissions is set to NONE or if the user account permission is missing at the folder level:

image.png


Note: Verify with internal security department the optimal policy for sharing Delinea credentials. For more details on the Delinea Secret Server integration, see official documentation: Thycotic Secret Server integration .