These procedures include both CyberArk and ServiceNow configuration tasks, including references to the appropriate CyberArk documentation.

The credential identifier configured in the ServiceNow instance must be mapped to the credential name in the CyberArk vault. When looking up a credential, the MID Server finds the credential by matching the credential identifier to a name in vault, which must be unique. If the credential identifier is blank, then the MID Server finds the credential by IP address. To identify the credential by IP address, the system looks at the credential type to ensure that there is only one credential of that type at that address. An example of this might be when a Windows server and vCenter are both running on the same IP address. To support strict credential requirements like this in an SSH environment, a MID Server configuration parameter allows you to require that the credential type requested matches the type returned by CyberArk.
Note: The Credential ID field is the only field necessary to map your credentials to CyberArk, in all cases except for SNMPv3. The Privacy Credential ID field is optional and is required only when using SNMPv3 credentials and using a privacy protocol for the credentials. See Configure the CyberArk credential identifier for more details.

To configure your instance to obtain credentials from a CyberArk vault, complete these tasks in the order in which they appear below.