Default language.

Important This documentation space contains information about the SaaS version of BMC Helix Discovery. If you are using the on-premises version of BMC Helix Discovery, see BMC Helix Discovery 25.2 (On-Premises).

Create the provider user in the CyberArk Enterprise Password Vault

If this is your first integration between BMC Helix Discovery and the CyberArk Enterprise Password Vault, you must create an administrator-level provider user, BMC_Discovery that has access to the vault (safe) in CyberArk, and add the  BMC_Discovery user to the various safes to which you need access to in CyberArk. Without performing these steps, you cannot configure access for additional users or appliances to a specific safe in CyberArk.The BMC Helix Discovery application can access the credentials stored in the CyberArk Vault (safe) using queries, after you create the provider user and add it to the required safes in CyberArk. For more information about configuring additional BMC Discovery Outpost or users, see Configuring-access-to-the-CyberArk-Vault.This section covers only the steps that are required to create access from the BMC Helix Discovery application to CyberArk. For more information about using other features in CyberArk, see the CyberArk Vault documentation, or contact your CyberArk administrator.

CyberArk uses the term Vault to refer to the CyberArk server component which holds information securely (all Safes reside in the Vault). This should not be confused with the BMC Helix Discovery Vault.

To create the provider user for accessing CyberArk

  1. Log in to your CyberArk Password Vault Web Access (PVWA) and click Applications from the main menu.
  2. Click Add Application and enter the information about BMC Discovery.The Application ID you enter here must match the Application ID you use when you configure the CyberArk AIM Provider on the Outpost. The default value on the BMC Discovery Outpost is BMC_Discovery. If you are integrating using the REST API, the Application ID can be changed.All other values can be specified as required by your organization.
  3. Click Apply to save the changes.
  4. From the applications list, open the BMC_Discovery application page.
  5. From the Allowed Machines tab, add the BMC Helix Discovery instance name.

Where to go from here

Depending on whether you are integrating with the CyberArk Enterprise Password Vault using the REST API or the AIM Provider, go to one of the following topics:

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*