Get Credentials from Secret Server

Alex_Dragoi · 2017-02-23 01:50:49 UTC

The idea is getting the credentials for

3rd party apps
the robot user session

from an external vault (Secret Server), where a company already manages the credentials for users
the passwords potentially change daily so it’s not feasible to manage them in every local machine

At least the first bullet could have activities developed in UiPath

MRSigmon · 2017-03-09 18:11:20 UTC

Thank you for the update, Alex. @Mihai, can you share the timeline for when you might have a version we could test at Gap Inc.? Maria

badita · 2017-03-16 21:12:35 UTC

Hi @MRSigmon.

We are planning a Cyber Ark Orchestrator integration in the next release. This will open the possibility to add other Vault providers in the future.

Estimated 2017 Q3 or 2018 Q2. It’s hectic here and we can not actually estimate the difficulty of the feature now now.

Are you going to use this to retrieve and store:

Windows Login Credentials for robot
Third Party Apps Credentials like SAP Login
or both?

If your use case is only the second (3rd party) this can be achieved via creating custom activities - Orchestrator integration is not necessarily needed and it can be achieved by a .NET dev or an advanced forum user.

hesemu · 2017-12-09 01:06:06 UTC

Hi Badita,

I juts came across this use case.
What of in a scenario where the Third App need a login that is stored in a 3rd party credential store that has an API exposed to retrieve credentials?

Thanks for your response.

Lakshmi_C · 2018-10-15 17:01:45 UTC

Hi @badita

Do we have any release on this where the credentials can be directly accessed from 3rd party (Secret Server) vault?

badita · 2018-10-15 17:22:18 UTC

You can build your own custom activity but be careful with security. Not everyone should be allowed to acess that password.

badita · 2018-10-15 17:22:49 UTC

Only CyberArk for now

khage · 2018-10-15 17:59:28 UTC

Secret Server has an API that you can call via HTTP requests. You could build out some UiPath modules to take advantage of those API calls for existing credential vaults. You may have to parse the response strings in a few places or construct the HTTP request rather than using the default Uipath activities, but it’s a doable task.

You can find the specific API calls by going to your local secret server web address like the following:
https://{your-local-secret-server-address}/SecretServer/webservices/SSWebservice.asmx

You can find more documentation similarly at the following:
https://{your-local-secret-server-address}/SecretServer/Documents/restapi/

Lakshmi_C · 2018-10-15 18:19:35 UTC

Thanks @khage