Install the Credential Provider

The CyberArk Credential Provider is installed on a machine where applications that require passwords are already installed. Before you install the Credential Provider, make sure that the Digital Vault is installed and active in your Privileged Access Security environment.


Only one Credential Provider can be installed on a machine.

CyberArk License

This section describes license requirements.

The CyberArk license defines the number of Credential Providers that can access the Vault. Each machine that requires a Provider requires a single license.

Before beginning the installation process, make sure that your CyberArk license specifies the number of servers on which the Credential Provider needs to be deployed. You can see this information in the License Capacity report.

When installing the Credential Provider, for each instance of the Credential Provider a Vault user of type AppProvider is automatically created, with the following naming convention: Prov_<host_name>. For example, Prov_Windows16. This is configurable.

License Capacity report

The License Capacity report contains information about the licensed user types and objects in the Vault. It enables users to see the maximum number of licenses for each user type or object, and the number of used licenses for each one. Only user types and objects that are limited by the license are displayed in this report. Predefined Vault users and groups are not included in the license usage.

To create a License Capacity report, in the PrivateArk Client, navigate to Tools > Reports > License Capacity Report. The report is displayed; it lists the Credential Provider users installed on your environment.

In the report:

  • AppProvider is the Credential Provider user type.

  • AIMAccount is the user type of an application.

For more information about user types and the License Capacity report, see the Privileged Access Security docs.