To give PingFederate access to datastore credentials stored in your CyberArk Credential Provider, configure an instance of the CyberArk Credential Provider secret manager plugin.
Install the CyberArk Credential Provider and integrate it with PingFederate. For more information, see Integrating with the CyberArk Credential Provider.
When configuring instances of the secret manager plugin, you need information about your secret manager's configuration. You also need information about the contents of your secret manager to generate reference codes for its contents.
To configure an instance of the secret manager plugin that provides access to the CyberArk Credential Provider:
After configuring an instance of the secret manager plugin, use it to generate a reference code for a specific password in the CyberArk Credential Provider. Then you can add the reference code to the following places in PingFederate:
- An instance of a datastore plugin for an LDAP directory, JDBC database, or REST API. For more information, see Using passwords in secret managers to access datastores.
- The
ldap.properties
file,oauth2.properties
file, and theoidc.properties
file.