Secrets Manager Credential Providers integration

Privilege Cloud integrates with Secrets Manager Credential Providers to eliminate hard-coded application credentials embedded in applications, scripts, or configuration files, and instead manages them within Privilege Cloud as privileged accounts.

Learn more about Secrets Manager Credential Providers in Credential Providers Secrets Manager overview.

Manage applications in the Privilege Cloud Portal

Learn about application management options in Application management.

Manage applications using REST APIs

Learn about application management REST APIs in Applications.


Secrets Manager Credential Providers documentation refers to Privilege Cloud components using different names:

  • Privilege Cloud Portal is called PVWA

  • Privilege Cloud is called Vault

Integrate with Secrets Manager Credential Providers

Before you begin, review the Limitations.


Verify that outbound traffic from the Secrets Manager server is always routed through the same public-facing IP.

To integrate with Secrets Manager Credential Providers:

  1. Install Secrets Manager Credential Providers. Follow the instructions in the following topics:

    1. System requirements

    2. Credential Provider installation

    3. Application Server Credential Provider installation

    4. Central Credential Provider (CCP)

      You can install CCP on the same machine as the Privilege Cloud Connector together with CPM/PSM.

      If you choose to install it on the Connector machine, we strongly recommend using IIS with Windows OS User authentication.

  2. Configure the connection between Privilege Cloud and Secrets Manager Credential Providers. Contact CyberArk Cloud Services to perform this step.

  3. Configure Credential Provider.

  4. Configure Central Credential Provider.

Privilege Cloud supports only the default configuration, as describes in Credential Provider configuration file.


The integration between Privilege Cloud and Secrets Manager Credential Providers has the following limitations:

  • Privilege Cloud can work with up to 500 applications (systems) using Credential Providers, Central Credential Provider, or Application Server Credential Provider

  • Credential Provider and Central Credential Provider based on z/OS are not supported

  • Installation mode including On-Demand Privileges Manager (OPM ) is not supported

  • Privilege Cloud Shared Services does not currently support Application REST APIs.

See also: C³ Alliance Program