Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Ronald Flint (Ronald)
HealthFirst

HealthFirst
US
Ronald Member since 2017 15 posts
HealthFirst
Posted: Feb 19, 2020
Last activity: May 2, 2020
Posted: 19 Feb 2020 14:24 EST
Last activity: 2 May 2020 15:10 EDT
Closed

How to Set Up Robotics 19.1 RPA to Use CyberArk

I'm currently working with our resident security guy to integrate Robotics 19.1/Robot Manager 8.3 with CyberArk, as that is the preferred method for managing our credentials (over DPAPI). We've run into a bit of a snag, however.

The Robotics VMs are ephemeral, created off of a master image. They will all have exactly the same thing that's on the master image. We were following the guide here: https://community.pega.com/knowledgebase/documents/aim-integration-pega-robotic-automation-191

The way to do this seems to be to install the CyberArk Credential Provider on the master VM, so that all "satellite" VMs have the CP, and then use it to get credentials indirectly from the CyberArk server. However, due to some confusion over licensing, we have to speak to CyberArk reps to make sure we're setting it up correctly.

I also noticed that there is a CredentialManager server configuration in CommonConfig.xml: http://help.openspan.com/191/Platform_Configuration/OpenSpan_Management_Console_Configuration_Settings.htm

Is it possible to configure this to use the CyberArk server rather than having to use the local Credential Provider?

Has anyone else successfully integrated Robotics 19.1 and CyberArk who could share their method?

To see attachments, please log in.
Pega Platform 8.3
Robotic Process Automation
Healthcare and Life Sciences
Robotics System Architect

Posted: 4 years ago
Posted: 20 Feb 2020 9:23 EST
Thomas Sasnett (ThomasSasnett)
MOD
Lead Robotics Architect
Pegasystems Inc.
US

The URL below is where you would start. As I am told, once you configure Runtime and your RPA service to use use CyberArk, all credential retrieval is done through CyberArk AIM. In your solution for example if you needed credentials to login to a website, you could use the CredentialStore component and provide it the name of the credential in CyberArk AIM and that component would retrieve it from AIM. For the Registration Operator, Windows User, etc...those would be retrieved by the RPA service via AIM.

https://community.pega.com/knowledgebase/articles/pega-rpa/cyberark-support-pega-robotic-automation

To see attachments, please log in.
Posted: 4 years ago
Posted: 20 Feb 2020 10:02 EST
Ronald Flint (Ronald)
HealthFirst

HealthFirst
US

That's the first one I found, then followed the links at the bottom. It seems like the Credential Provider needs to be installed locally for it to work, but I can try it without installing that.

The link at the bottom of that page that you linked goes to the help site for Common Configuration Settings. Under "Servers" on that page, under CredentialManager it says "Contact Robotic Automation Support before enabling the CredentialManager server type". That's the only place I can see to specify our actual server address.

To see attachments, please log in.
Posted: 4 years ago
Posted: 2 May 2020 15:10 EDT
Nagasubramaniam Balachandran (NagaB333)
Centene Corporation
Solution Architect
Centene Corporation
US

@RonaldB2  - Were you able to get past this technical snag? We are also in need of some suggestions to implement Cyber Ark with 19.1 version and we are stuck with the same issue as you reported. Any help that you can offer from your progress will help.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice