Third-party credential managers

IBM® Security QRadar SOAR provides the built-in protected secrets capability to manage secrets securely. However, some situations might require you to use third-party credential managers.

For example, users might not be permitted to share the plain-text secret with another person, which means that SOAR administrators cannot create the protected secret. Or, you might need to rotate the secrets frequently on SOAR, making it difficult to manage those secrets within the allotted time frame.

When protected secrets are not an option, you can use a third-party credential manager to manage your secrets securely.

Minimum version requirements

To use a third-party credential manager, the SOAR app must use resilient-circuits version 49.0 or later.

To check which version is used by your app, follow these steps:
  1. Open the app.

    The resilient-circuits version number is written to the app log file when it starts.

  2. In the app Configuration page, on the Details tab, click Download logs.
  3. Open the log file and find the resilient-circuits version number.

The resilient-circuits version is independent of the SOAR version. For example, SOAR on a previous version of IBM Security QRadar Suite can run an app that uses resilient-circuits == 49.0.4321.