Skip to main content

CyberArk AIM (Deprecated)

This Integration is part of the CyberArk AIM Pack.#


Use the CyberArk AIM v2 integration instead.

Deprecated. Use the CyberArk AIM v2 integration instead.

Configure CyberArkAIM on Cortex XSOAR

  1. Navigate to Settings > Integrations > Servers & Services .
  2. Search for CyberArkAIM.
  3. Click Add instance to create and configure a new integration instance.
    • Name : a textual name for the integration instance.
    • Server URL (e.g. )
    • Port
    • AppID as configured in AIM
    • Trust any certificate (not secure)
    • Use system proxy settings
    • Folder to search in safe
    • Safe to search in
    • isFetchCredentials
    • API Username
    • API Password
    • Credential names - comma-seperated list of credentials names in vault
  4. Click Test to validate the URLs, token, and connection.


You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

  1. Search for credentials: cyber-ark-aim-query
  2. Get a list of credentials: list-credentials
  3. Reset account password: reset-credentials
  4. Get information for an account: account-details

1. Search for credentials

Search credentials in CyberArk AIM. Only one result is returned.

Base Command


Argument Name Description Required
username Username to query Optional
address Address to query Optional
safe Safe to query Optional
folder Folder to query Optional
object Object to query Optional
query Defines a free query using account properties, including Safe, folder, and object. When this method is specified, all other search criteria are ignored Optional
queryFormat Defines the query format, which can optionally use regular expressions Optional
reason The reason for retrieving the password. This reason will be audited in the Credential Provider audit log. Optional
database Defines search criteria according to the database account property Optional

Context Output
Path Type Description
CyberArk.AIM.Folder unknown Account folder
CyberArk.AIM.PasswordChangeInProcess unknown Is password change in process
CyberArk.AIM.Content unknown Account content
CyberArk.AIM.CreationMethod unknown Account creation method
CyberArk.AIM.Name unknown Account name
CyberArk.AIM.PolicyID unknown Account policy ID
CyberArk.AIM.CPMDisabled unknown Account CPM disabled
CyberArk.AIM.Address unknown Account address
CyberArk.AIM.Safe unknown Account safe
CyberArk.AIM.UserName unknown Account username
CyberArk.AIM.DeviceType unknown Account device type

2. Get a list of all credentials

Lists all credentials available.

Base Command


Argument Name Description Required
identifier When used, command will return a specific credential Optional

Context Output

There is no context output for this command.

3. Reset account password

Resets the password for the specified account with a random password.

Base Command


Argument Name Description Required
immediateChangeByCPM Flag the CPM that the change is effective immediately Optional
accountId Account ID to reset password Required

Context Output

There is no context output for this command.

4. Get information for an account

This method returns information about an account. If more than one account meets the search criteria, only the first account will be returned.

Base Command


Argument Name Description Required
keywords Keywords matching the account Required
safe Specify a safe instead of a specific instance Optional

Context Output

There is no context output for this command.