Skip to main content

Centrify Vault

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Leverage the Centrify Vault integration to create and manage Secrets.

Configure Centrify Vault on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for Centrify Vault.

  3. Click Add instance to create and configure a new integration instance.

    ParameterDescriptionRequired
    tenantUrlCentrify Tenant URL (e.g. https://vault.example.local\)True
    clientIdClient ID of the Centrify Vault OAuth AppTrue
    clientSecretClient Secret of the Centrify Vault OAuth AppTrue
    appIdID of the Centrify OAuth AppTrue
    scopeScope of the Centrify OAuth AppFalse
    insecureTrust any certificate (not secure)False
    proxyUse system proxy settingsFalse
  4. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

centrify-retrieve-secrets#


Retrieves the secret from centrify vault based on folder name, set name or secret name. If folder name is not provided, all the secrets in the parent folder will be fetched recursively. You can filter based on the secret name and folder separately as well as combined.

Base Command#

centrify-retrieve-secrets

Input#

Argument NameDescriptionRequired
holderTypeType of holder where the secret is located. Values can be Folder or Set. Please make sure to provide value in the "holderName" argument. Possible values are: Folder, Set.Optional
holderNameName of the holder (Folder/Set) where the secret is available. Please choose "Folder" or "Set" in the "holderType" argument. Ex: XSOAR, XSOAR/SUB_FOLDER.Optional
secretNameSecret name which has the secret. Ex: client*, client_secret.Optional

Context Output#

PathTypeDescription
Centrify.Secrets.FolderNamestringFolder name of the secret
Centrify.Secrets.SecretNamestringSecret name of the secret
Centrify.Secrets.SecretTextstringSecret text of the secret
Centrify.Secrets.SecretTypestringType of the secret
Centrify.Secrets.SecretDescriptionstringDescription of the secret
Centrify.Secrets.SecretIDstringID of the Secret retrieved

centrify-retrieve-secret-by-secretid#


Retrieves the secret from centrify vault based on secret ID.

Base Command#

centrify-retrieve-secret-by-secretid

Input#

Argument NameDescriptionRequired
secretIdID of the secret.Required

Context Output#

PathTypeDescription
Centrify.Secrets.FolderNamestringFolder name of the secret
Centrify.Secrets.SecretNamestringSecret name of the secret
Centrify.Secrets.SecretTextstringSecret text of the secret
Centrify.Secrets.SecretTypestringType of the secret
Centrify.Secrets.SecretDescriptionstringDescription of the secret
Centrify.Secrets.SecretIDstringID of the Secret retrieved

centrify-create-secretfolder#


Creates a folder in Centrify Vault

Base Command#

centrify-create-secretfolder

Input#

Argument NameDescriptionRequired
folderNameName of the folder to be created. This will be subfolder if "parentFolderName" is provided.Required
parentFolderNameName of the parent folder. Please note this is case sensitive. .Optional
folderDescriptionDescription of the folder to be created.Optional

Context Output#

PathTypeDescription
Centrify.Folder.FolderNamestringName of the folder created
Centrify.Folder.FolderIDstringID of the folder created
Centrify.Folder.ParentFolderNamestringName of the parent folder
Centrify.Folder.FolderDescriptionstringDescription of the folder created

centrify-create-secret#


Creates a secret in Centrify Vault.

Base Command#

centrify-create-secret

Input#

Argument NameDescriptionRequired
holderTypeType of holder where the secret will be created. Values can be Folder or Set. Please make sure to provide value in the "holderName" argument. Possible values are: Folder, Set.Required
holderNameName of the holder (Folder/Set) where the secret needs to be created. Please choose "Folder" or "Set" in the "holderType" argument. Ex: XSOAR, XSOAR/SUB_FOLDER .Required
secretNameName of the secret to be created.Required
secretTextText of the secret.Required
secretTypeType of the secret. Possible values are: Text.Required
secretDescriptionDescription of the secret.Optional

Context Output#

PathTypeDescription
Centrify.Secrets.holderTypestringType of the location where secret is created. It can be folder or set.
Centrify.Secrets.SecretNamestringName of the secret created
Centrify.Secrets.SecretIDstringID of the secret created
Centrify.Secrets.SecretTypestringType of the secret created
Centrify.Secrets.FolderNamestringName of the folder where the secret is created
Centrify.Secrets.FolderIDstringID of the folder where the secret is created
Centrify.Secrets.SetNamestringName of the set where the secret is created
Centrify.Secrets.SetIDstringID of the set where the secret is created
Centrify.Secrets.SecretDescriptionstringDescription of the created secret

centrify-create-set#


Creates a set in Centrify Vault

Base Command#

centrify-create-set

Input#

Argument NameDescriptionRequired
setNameName of the Set to be created.Required
setDescriptionDescription of the Set to be created.Optional

Context Output#

PathTypeDescription
Centrify.Set.SetNamestringName of the set created
Centrify.Set.SetIDstringID of the set created
Centrify.Set.SetDescriptionstringDescription of the set created

centrify-retrieve-folders#


Fetch details of all folders in Centrify Vault

Base Command#

centrify-retrieve-folders

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
Centrify.Folder.FolderNamestringName of the folder
Centrify.Folder.FolderIDstringID of the folder
Centrify.Folder.ParentFolderstringName of the parent folder
Centrify.Folder.FolderDescriptionstringDescription of the folder
Centrify.Folder.FolderDirectorystringComplete directory of the folder

centrify-delete-folder#


Delete a folder from the Centrify Vault

Base Command#

centrify-delete-folder

Input#

Argument NameDescriptionRequired
folderNameName of the folder to be deleted. Please provide parent foldername in the argument "parentFolderName" if you are deleting a subfolder.Required
parentFolderNameName of the parent folder.Optional

Context Output#

There is no context output for this command.

centrify-delete-secret#


Delete Secret from the Centrify Vault. Please note: Enabling "recursiveDelete" to "Yes" will delete all secrets if there multiple secrets with same name in subfolders.

Base Command#

centrify-delete-secret

Input#

Argument NameDescriptionRequired
secretNameName of the secret to be deleted.Required
folderNameName of the folder from where the secret should be deleted. If the secret is in subfolder, then provide parent folder followed by "/" and subfolder name. Ex: XSOAR/Demisto.Optional
recursiveDelete"Yes" if you want to delete all the secrets having same name in all the subfolders recursively. "No" if you want do not want to delete the secret in the subfolders. Possible values are: Yes, No.Required
matchPartOfSecret"Yes" if you want to delete the secret having the provided secretname as a part of the Secret. "No" if you want to delete the secret with the exact name match. Ex: XSOAR* will delete all secrets like XSOAR_1, XSOAR_pwd, XSOAR. . Possible values are: Yes, No.Required

Context Output#

There is no context output for this command.

centrify-delete-secret-by-secretid#


Delete Secret from the Centrify Vault based on the Secret ID provided

Base Command#

centrify-delete-secret-by-secretid

Input#

Argument NameDescriptionRequired
secretIdID of the Secret to be deleted.Required

Context Output#

There is no context output for this command.

centrify-add-secret-to-set#


Adds/Moves a secret to a set for the provided secretID. Use "centrify-retrieve-secrets" to fetch secret ID's.

Base Command#

centrify-add-secret-to-set

Input#

Argument NameDescriptionRequired
setNameName of the set where the secret will be added/moved.Required
secretIdID of the secret which needs to be moved to the set.Required

Context Output#

There is no context output for this command.

centrify-retrieve-sets#


Fetches the details of all sets in the Centrify Vault

Base Command#

centrify-retrieve-sets

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
Centrify.Set.SetNamestringName of the set
Centrify.Set.SetIDstringID of the set
Centrify.Set.SetDescriptionstringDescription of the set

centrify-delete-set#


Delete set from the Centrify Vault

Base Command#

centrify-delete-set

Input#

Argument NameDescriptionRequired
setNameName of the set to be deleted.Required

Context Output#

There is no context output for this command.

Demo Video#