Skip to content

Support Name or Object keys in fetched credentials #41641

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 29, 2025
Merged

Support Name or Object keys in fetched credentials #41641

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a0869ac
Support Name or Object keys in fetched credentials (#41540)
nitsan-tzur Oct 23, 2025
83480b1
Merge branch 'master' into contrib/nitsan-tzur_cyberark-fix-ccp
barryyosi-panw Oct 27, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/CyberArkAIM_v2.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ def fetch_credentials(client, args: dict):
{
"user": cred.get("UserName"),
"password": cred.get("Content"),
"name": cred.get("Name"),
"name": cred.get("Name") or cred.get("Object"),
}
)
demisto.credentials(credentials)
Expand Down
17 changes: 16 additions & 1 deletion Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/CyberArkAIM_v2.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
category: Authentication & Identity Management
sectionorder:
- Connect
- Collect
commonfields:
id: CyberArkAIM v2
version: -1
Expand All @@ -8,56 +11,68 @@ configuration:
name: url
required: true
type: 0
section: Connect
- display: AppID as configured in AIM
name: app_id
type: 0
required: false
section: Connect
- display: Folder to search in safe
name: folder
required: true
type: 0
section: Collect
- display: Safe to search in
name: safe
required: true
type: 0
section: Collect
- display: A comma-separated list of credential names in the safe.
additionalinfo: Partial names are not supported. If left empty, no credentials will be fetched.
name: credential_names
type: 12
required: false
section: Collect
- display: Username
name: credentials
type: 9
required: false
section: Connect
- additionalinfo: Add a certificate file in text format to use to connect to the CyberArk AIM server.
display: Certificate File as Text
name: cert_text
type: 12
required: false
section: Connect
- additionalinfo: Add a key file in text format to use to connect to the CyberArk AIM server.
display: Key File as Text
name: key_text
type: 4
hidden: true
required: false
section: Connect
- name: key_text_creds
type: 9
displaypassword: Key File as Text
hiddenusername: true
required: false
section: Connect
- display: Fetch credentials
name: isFetchCredentials
type: 8
defaultvalue: 'true'
required: false
section: Connect
- display: Trust any certificate (not secure)
name: insecure
type: 8
required: false
section: Connect
- display: Use system proxy settings
name: proxy
type: 8
required: false
section: Connect
description: The CyberArk Application Identity Manager (AIM) provides a secure safe in which to store your account credentials. Use this integration to retrieve the account credentials in CyberArk AIM.
display: CyberArk AIM v2
name: CyberArkAIM v2
Expand All @@ -81,7 +96,7 @@ script:
- contextPath: CyberArkAIM.Name
description: The credential name of the account.
type: String
dockerimage: demisto/ntlm:1.0.0.3531648
dockerimage: demisto/ntlm:1.0.0.4887408
runonce: false
script: '-'
subtype: python3
Expand Down
10 changes: 8 additions & 2 deletions Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/CyberArkAIM_v2_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,11 @@ def test_cyberark_aim_commands(command, get_credentials_res, context, mocker):
"password": "password2",
"name": "name2",
},
{
"user": "username3",
"password": "password3",
"name": "name3",
},
],
),
],
Expand All @@ -83,7 +88,8 @@ def test_cyberark_fetch_credentials(creds_name_to_fetch, expected_res, mocker):
- Running fetch-credentials process
Then
- Ensure that the credentials returned to demisto are: [(username1,password1,name1)]
- Ensure that all credentials were returned to demisto: [(username1,password1,name1),(username2,password2,name2)]
- Ensure that all credentials were returned to demisto:
[(username1,password1,name1),(username2,password2,name2),(username3,password3,name3)]
"""
client = Client(
server_url="https://api.cyberark.com/",
Expand All @@ -92,7 +98,7 @@ def test_cyberark_fetch_credentials(creds_name_to_fetch, expected_res, mocker):
app_id="app",
folder="Root",
safe="safe1",
credentials_object="name1,name2",
credentials_object="name1,name2,name3",
username="",
password="",
cert_text="",
Expand Down
38 changes: 38 additions & 0 deletions Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/test_data/get_credentials_res.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,4 +75,42 @@
"DiscoveryPlatformType": "Windows Domain",
"PasswordChangeInProcess": "False",
},
"name3": {
"Content": "password3",
"LastPasswordSetDate": "1566376303",
"PasswordNeverExpires": "True",
"AccountType": "Domain",
"SID": "sid",
"LastSuccessVerification": "1583256386",
"CPMStatus": "success",
"LastSuccessChange": "1575910475",
"Address": "AIM.COM",
"Folder": "Root",
"CPMDisabled": "(CPM)Newly discovered dependency",
"LastSuccessReconciliation": "1583521898",
"LogonDomain": "domain2",
"Object": "name3",
"Domain": "AIM.COM",
"OU": "CN=Users,DC=COM",
"CreationMethod": "AutoDetected",
"AccountDescription": "Built-in account for administering the computer/domain",
"SequenceID": "3",
"AccountEnabled": "True",
"Tags": "DAdmin",
"AccountCategory": "True",
"AccountExpirationDate": "0",
"UserName": "username3",
"MachineOSFamily": "Server",
"LastTask": "ReconcileTask",
"RetriesCount": "-1",
"Safe": "Windows Domain Admins",
"DeviceType": "Operating System",
"AccountDiscoveryDate": "1573128798",
"AccountOSGroups": "Administrators",
"OSVersion": "Windows Server 2016 Standard",
"PolicyID": "WinDomain",
"LastLogonDate": "1572451901",
"DiscoveryPlatformType": "Windows Domain",
"PasswordChangeInProcess": "False",
},
}
9 changes: 9 additions & 0 deletions Packs/cyberark_AIM/ReleaseNotes/1_0_25.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@

#### Integrations

##### CyberArk AIM v2

- Updated the integration to align with the new fetch credentials API, which uses either `Object` or `Name` arguments.

- Updated the Docker image to: *demisto/ntlm:1.0.0.4887408*.

2 changes: 1 addition & 1 deletion Packs/cyberark_AIM/pack_metadata.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "CyberArk Central Credential Provider (CCP)",
"description": "Securely pull hard-coded and embedded privileged credentials from the CyberArk Vault using CyberArk Secrets Manager.",
"support": "partner",
"currentVersion": "1.0.24",
"currentVersion": "1.0.25",
"author": "CyberArk",
"url": "https://www.cyberark.com/products/secrets-management/",
"email": "https://www.cyberark.com/services-support/technical-support-contact/",
Expand Down
Loading