Connect to Multiple CyberArk Vaults from the Same IIQ Server For Credentials Cycling

Which IIQ version are you inquiring about?

Version 8.3

Share all details related to your problem, including any error messages you may have received.

We onboarded both non-production and production applications in SailPoint IIQ and use the privileged service accounts to connect them. We have a requirement to implement credential cycling for these privileged service accounts.
We installed CyberArk credential provider on SailPoint IIQ server, but that credential provider can connect to one CyberArk Vault only. Please let us know what the solution is to connect to two CyberArk vaults from the same SailPoint IIQ server for credentials cycling.

Hi @mcavgiam,
Are all service accounts present in one cyberark production vault ? Ideally all non prod and prod service accounts should be in one cyberark vault right

non-prod service accounts exist in non-prod vault and prod service accounts exist in prod vault. CyberArk team has separated them, we can open firewall to connect these vaults from the IIQ server. How to configure the Credential Provider API to connect to more than vault?

Thanks for your reply @mcavgiam.
Ideally non prod service accounts should exist in prod vault so you can manage them via sailpoint iiq server Credential provider. In this way iiq connects to prod vault only.
If you want to do testing then in sailpoint non prod iiq server having Credential provider which connects to non prod vault.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.