Using Credential Management Service for Properties of Type Password

Use the credential management service, CyberArk Application Access Manager, to achieve the security in storing the passwords, automatically replace the passwords, and so on. The CyberArk credential management service is more secure than the passwords in clear text format stored in the configuration files.

Prerequisites

  • Set up the CyberArk account for the TIBCO BusinessWorks™ Container Edition application to create a password. To know more, visit the https://www.cyberark.com/ website.
  • Configure the following environment variables:
    • APP_CONFIG_PROFILE = Name of the application profile to be used
    • CYBERARK = Set to true to enable CyberArk credential management service
Follow these steps to modify the properties of field type password.

Procedure

  1. To fetch the password from the credential management service, in the application property editor, select the property of type Password and click .
  2. Choose the Credential Management option.


    The Set Credential Management icon () is displayed next to the password type field.
  3. Click the Set Credential Management icon. The Credential Management window is displayed.
  4. On the Credential Management window, select the credential management service provider, CyberArk, and enter the Cyberark URL in the URL field.


  5. Click OK.
    Note:
    • The credential management service, CyberArk, is supported for Docker only.
    • The query URL configured for a property can be updated during deployment by passing it as an environment variable. The name of the environment variable should be same as the name of the property that needs to be updated.
    • The obfuscation of passwords is not supported, when the password is retrieved from CyberArk vault into TIBCO BusinessWorks Container Edition.