Credentials

Create, edit, or delete credentials for the System vault. You can use these tasks to configure credentials from internal or external providers.

Before you begin

You must meet the following requirements before you create, edit, or delete a credential:

  • You need to create a credential provider before you can select the external provider option in IBM RPA Control Center. See Credential providers for more information.
  • You must have the permissions to manage credentials. The Business User and Tenant Administrator roles have this permission by default. See default roles for more information.

Credentials and vault credentials

Credentials registered in the Credentials tab can be used by all the users in the environment.
Credentials configured in the Vault Credentials tab are only named references to the User Vault. Once configured locally, they can only be used by the machine with the configured credentials.

Note:If you are looking for User Vault credentials, go to Vault credentials.

Read more about user vault and system vault in What is the IBM RPA Vault?

Creating a new credential

Using an internal provider

  1. Log in to IBM RPA Control Center.
  2. Select Credentials from the left sidebar menu.
  3. Select the Credentials tab.
  4. Click the New Credential button.
  5. In Name, enter a name to identify your credential.
  6. In Username, enter a username to your credential.
  7. In Password, enter the account's password.
  8. Click Save.

Using an external provider

Supported providers

HashiCorp Vault credential provider

  1. Log in to IBM RPA Control Center.
  2. Select Credentials from the left sidebar menu.
  3. Selet the Credentials tab.
  4. Click the New Credential button.
  5. Select Using external provider.
  6. In the Credential provider field, select the name of the external provider. In this case, it is HashiCorp Vault.
  7. In the Mount path field, enter the value for mountPath from your secret.
  8. In the Secret path field, enter the value for secretPath from your secret.
  9. In the Username key field, enter the key for usernameKey from your secret to identify the credential's username.
  10. In the Password key field, enter the key used in your secret to identify the credential's password.
  11. Click Save.

CyberArk CCP Vault credential provider

  1. Log in to IBM RPA Control Center.
  2. Select Credentials from the left sidebar menu.
  3. Selet the Credentials tab.
  4. Click the New Credential button.
  5. Select Using external provider.
  6. In the Credential provider field, select the name of the external provider. In this case, it is CyberArk CCP Vault.
  7. In the Safe name field, enter the safe name from your CyberArk instance.
  8. In the Account name field, enter the account name from your CyberArk instance.
  9. Click Save.
Important:The CyberArk certificate must be installed in the trust store of the computers that will be using the CyberArk credentials.

Editing a credential

  1. Log in to IBM RPA Control Center.
  2. Select Credentials from the left sidebar menu.
  3. Selet the Credentials tab.
  4. From the list of existing credentials, click the vertical ellipsis button ⋮ > Edit for your credential.
  5. Select a field (Name, Username, or Password) to edit.
  6. Click Save.

Deleting a credential

  1. Log in to IBM RPA Control Center.
  2. Select Credentials from the left sidebar menu.
  3. Selet the Credentials tab.
  4. From the list of existing credentials, click the vertical ellipsis button ⋮ > Edit for your credential.
  5. Click Delete.

Using credentials

The credentials registered in this tab are used to unlock computers and as login information by the System Vault. For more information, see Computers.

You can also find credentials for the current IBM RPA Control Center environment by using the Get Vault Item (getVaultItem) command with the System parameter enabled. You can unlock machines by using these credentials.