A credential store is a named location within a secure store, such as CyberArk, from which you can store and retrieve sensitive data such as Robot credentials and credential Assets when needed. Orchestrator supports the use of multiple credential stores at tenant level, and provides built-in support for Azure Key Vault, CyberArk CCP, HashiCorp Vault, Thycotic Secret Server, and BeyondTrust, CyberArk, and the architecture enabling you to develop a plugin for other secure stores, if desired.
This Credential Stores page enables you to create new stores, view existing stores and their properties, and delete any current credential store. Note that the native Orchestrator Database store is automatically created and will always appear first in this list and be the Default store for all new tenants.
The credential stores feature must be enabled for your tenant by the Orchestrator administrator. See here for details.
Beyond the secure stores with built-in support, Orchestrator architecture supports the functionality of loading third-party or developing custom plugins, enabling you to use any desired credential store.
- Navigate to the
\Orchestrator\Pluginsfolder in your Orchestrator installation directory.
- Save the
.dllfiles of your plugin in this folder.
- Update the
UiPath.Orchestrator.dll.configfile with this plugin as detailed here.
- Restart your Orchestrator instance and check the logs to confirm that the plugin was loaded successfully.
- Your new credential store should now be available when creating a new credential store.
Development documentation for creating your own secure store plugins is available in the UiPath repository.
Also available there are three samples to assist in your development:
- RandomPass - a read-only store that will generate a random password;
- SQLPass - a read/write store using an external SQL database other than the Orchestrator database;
- Key Vault - the fully functional Key Vault plugin available with your Orchestrator instance.
Updated 2 months ago