Skip to main content

Thycotic

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Secret Server is the only fully featured Privileged Account Management (PAM) solution available both on premise and in the cloud. It empowers security and IT ops teams to secure and manage all types of privileged accounts and offers the fastest time to value of any PAM solution. This integration was integrated and tested with version 5.0 of Thycotic

Configure Thycotic on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.
  2. Search for Thycotic.
  3. Click Add instance to create and configure a new integration instance.
ParameterDescriptionRequired
urlServer URL (e.g. https://example.net\)True
credentialsUsernameTrue
insecureTrust any certificate (not secure)False
proxyUse system proxy settingsFalse
isFetchCredentialsFetches credentialsFalse
credentialobjectsList secret name for fetch credentials (separated by commas)False
  1. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

thycotic-secret-password-get#


Retrieved password from secret

Base Command#

thycotic-secret-password-get

Input#

Argument NameDescriptionRequired
secret_idID secretRequired

Context Output#

PathTypeDescription
Thycotic.Secret.PasswordStringRetrieved password from secret

Command Example#

!thycotic-secret-password-get secret_id=2

Context Example#

{
"Thycotic": {
"Secret": {
"Password": "1234567890"
}
}
}

Human Readable Output#

Retrieved password by ID 2 1234567890

thycotic-secret-username-get#


Retrieved username from secret

Base Command#

thycotic-secret-username-get

Input#

Argument NameDescriptionRequired
secret_idID secretRequired

Context Output#

PathTypeDescription
Thycotic.Secret.UsernameStringRetrieved username from secret.

Command Example#

!thycotic-secret-username-get secret_id=2

Context Example#

{
"Thycotic": {
"Secret": {
"Username": "w2\\w2"
}
}
}

Human Readable Output#

Retrieved username by ID 2 w2\w2

thycotic-secret-search-name#


Search ID secret by field name

Base Command#

thycotic-secret-search-name

Input#

Argument NameDescriptionRequired
search_nameSearch name secret.Required

Context Output#

PathTypeDescription
Thycotic.Secret.IdStringRetrieved list ID for find secret by field secret name

Command Example#

!thycotic-secret-search-name search_name=xsoarSecret

Context Example#

{
"Thycotic": {
"Secret": {
"Id": [
5
]
}
}
}

Human Readable Output#

Retrieved list ID for search by secret name = xsoarSecret List ID: 5

thycotic-secret-password-update#


Update password for secret

Base Command#

thycotic-secret-password-update

Input#

Argument NameDescriptionRequired
secret_idID secret for update passwordRequired
newpasswordValue new password for secretRequired

Context Output#

PathTypeDescription
Thycotic.Secret.NewpasswordStringNew password changed for secret

Command Example#

!thycotic-secret-password-update secret_id=2 newpassword=12345

Context Example#

{
"Thycotic": {
"Secret": {
"Newpassword": "12345"
}
}
}

Human Readable Output#

Set new password for secret ID 2, set 12345

thycotic-secret-checkout#


Check Out a secret

Base Command#

thycotic-secret-checkout

Input#

Argument NameDescriptionRequired
secret_idID secret for check out commandRequired

Context Output#

PathTypeDescription
Thycotic.Secret.CheckoutStringReturn call command Check Out

Command Example#

!thycotic-secret-checkout secret_id=2

Context Example#

{}

Human Readable Output#

Check Out for secret ID 2, ResponseCode - None

thycotic-secret-checkin#


Check In a secret

Base Command#

thycotic-secret-checkin

Input#

Argument NameDescriptionRequired
secret_idSecret ID.Required

Context Output#

PathTypeDescription
Thycotic.Secret.CheckinStringSecret object

Command Example#

!thycotic-secret-checkin secret_id=13

Context Example#

{
"Thycotic": {
"Secret": {
"Checkin": {
"active": true,
"autoChangeEnabled": false,
"checkOutEnabled": true,
"checkedOut": false,
"createDate": "2020-12-15T09:13:49.487",
"daysUntilExpiration": null,
"doubleLockEnabled": false,
"extendedFields": null,
"folderId": 3,
"hidePassword": false,
"id": 13,
"inheritsPermissions": true,
"isOutOfSync": false,
"isRestricted": true,
"lastAccessed": null,
"lastHeartBeatStatus": "Pending",
"lastPasswordChangeAttempt": "0001-01-01T00:00:00",
"name": "secretT",
"outOfSyncReason": "",
"requiresApproval": false,
"requiresComment": false,
"responseCodes": null,
"secretTemplateId": 6003,
"secretTemplateName": "Windows Account",
"siteId": 1
}
}
}
}

Human Readable Output#

Check In for secret ID=13. CheckOut = False

thycotic-folder-create#


Create a new secret folder

Base Command#

thycotic-folder-create

Input#

Argument NameDescriptionRequired
foldernameFolder nameRequired
foldertypeidFolder type ID(1=< ID =< 3Required
parentfolderidParent folder IDRequired
inheritPermissionsWhether the folder should inherit permissions from its parent (default: true)Optional
inheritSecretPolicyWhether the folder should inherit the secret policy. Defaults to true unless creating a root folder.Optional
secretPolicyIdSecret policy IDOptional

Context Output#

PathTypeDescription
Thycotic.Folder.CreateUnknownNew object folder

Command Example#

!thycotic-folder-create foldername="xsoarFolderTest" foldertypeid="1" parentfolderid="3"

Context Example#

{
"Thycotic": {
"Folder": {
"Create": {
"childFolders": null,
"folderName": "xsoarFolderTest",
"folderPath": "\\Personal Folders\\XSOAR integration\\xsoarFolderTest",
"folderTypeId": 1,
"id": 5,
"inheritPermissions": false,
"inheritSecretPolicy": false,
"parentFolderId": 3,
"secretPolicyId": -1,
"secretTemplates": null
}
}
}
}

Human Readable Output#

Create new folder - xsoarFolderTest

thycotic-folder-search#


Search folder by name folder

Base Command#

thycotic-folder-search

Input#

Argument NameDescriptionRequired
foldernameSearch name folderRequired

Context Output#

PathTypeDescription
Thycotic.Folder.IdStringRetrieved folder ID from search query

Command Example#

!thycotic-folder-search foldername="xsoarFolderTest"

Context Example#

{
"Thycotic": {
"Folder": {
"Id": [
5
]
}
}
}

Human Readable Output#

Retrieved list ID for folder by folder name = xsoarFolderTest List ID: 5

Command Example#

!thycotic-folder-delete folder_id="18"

Context Example#

{
"Thycotic": {
"Folder": {
"Delete": {
"id": 18,
"objectType": "Folder",
"responseCodes": []
}
}
}
}

Human Readable Output#

Deleted folder ID: 18

thycotic-secret-get#


Get secret object by ID secret

Base Command#

thycotic-secret-get

Input#

Argument NameDescriptionRequired
secret_idID for secretRequired

Context Output#

PathTypeDescription
Thycotic.SecretStringSecret object

Command Example#

!thycotic-secret-get secret_id=2

Context Example#

{
"Thycotic": {
"Secret": {
"accessRequestWorkflowMapId": -1,
"active": true,
"allowOwnersUnrestrictedSshCommands": false,
"autoChangeEnabled": false,
"autoChangeNextPassword": "2$C$7vl8*SN@",
"checkOutChangePasswordEnabled": false,
"checkOutEnabled": true,
"checkOutIntervalMinutes": -1,
"checkOutMinutesRemaining": 30,
"checkOutUserDisplayName": "XSOAR integration",
"checkOutUserId": 3,
"checkedOut": true,
"doubleLockId": -1,
"enableInheritPermissions": true,
"enableInheritSecretPolicy": true,
"failedPasswordChangeAttempts": 0,
"folderId": 3,
"id": 2,
"isDoubleLock": false,
"isOutOfSync": false,
"isRestricted": true,
"items": [
{
"fieldDescription": "The Server or Location of the Windows Machine.",
"fieldId": 83,
"fieldName": "Machine",
"fileAttachmentId": null,
"filename": null,
"isFile": false,
"isNotes": false,
"isPassword": false,
"itemId": 5,
"itemValue": "192.168.100.1",
"slug": "machine"
},
{
"fieldDescription": "The Username of the Windows User.",
"fieldId": 86,
"fieldName": "Username",
"fileAttachmentId": null,
"filename": null,
"isFile": false,
"isNotes": false,
"isPassword": false,
"itemId": 6,
"itemValue": "w2\\w2",
"slug": "username"
},
{
"fieldDescription": "The password of the Windows User.",
"fieldId": 85,
"fieldName": "Password",
"fileAttachmentId": null,
"filename": null,
"isFile": false,
"isNotes": false,
"isPassword": true,
"itemId": 7,
"itemValue": "1234567890",
"slug": "password"
},
{
"fieldDescription": "Any additional notes.",
"fieldId": 84,
"fieldName": "Notes",
"fileAttachmentId": null,
"filename": null,
"isFile": false,
"isNotes": true,
"isPassword": false,
"itemId": 8,
"itemValue": "",
"slug": "notes"
}
],
"lastHeartBeatCheck": "0001-01-01T00:00:00",
"lastHeartBeatStatus": "Pending",
"lastPasswordChangeAttempt": "0001-01-01T00:00:00",
"launcherConnectAsSecretId": -1,
"name": "test-w2",
"outOfSyncReason": "",
"passwordTypeWebScriptId": -1,
"proxyEnabled": false,
"requiresApprovalForAccess": false,
"requiresComment": false,
"responseCodes": [],
"restrictSshCommands": false,
"secretPolicyId": -1,
"secretTemplateId": 6003,
"secretTemplateName": "Windows Account",
"sessionRecordingEnabled": false,
"siteId": 1
}
}
}

Human Readable Output#

Secret object by ID 2 {'id': 2, 'name': 'test-w2', 'secretTemplateId': 6003, 'folderId': 3, 'active': True, 'items': [{'itemId': 5, 'fileAttachmentId': None, 'filename': None, 'itemValue': '192.168.100.1', 'fieldId': 83, 'fieldName': 'Machine', 'slug': 'machine', 'fieldDescription': 'The Server or Location of the Windows Machine.', 'isFile': False, 'isNotes': False, 'isPassword': False}, {'itemId': 6, 'fileAttachmentId': None, 'filename': None, 'itemValue': 'w2\w2', 'fieldId': 86, 'fieldName': 'Username', 'slug': 'username', 'fieldDescription': 'The Username of the Windows User.', 'isFile': False, 'isNotes': False, 'isPassword': False}, {'itemId': 7, 'fileAttachmentId': None, 'filename': None, 'itemValue': '1234567890', 'fieldId': 85, 'fieldName': 'Password', 'slug': 'password', 'fieldDescription': 'The password of the Windows User.', 'isFile': False, 'isNotes': False, 'isPassword': True}, {'itemId': 8, 'fileAttachmentId': None, 'filename': None, 'itemValue': '', 'fieldId': 84, 'fieldName': 'Notes', 'slug': 'notes', 'fieldDescription': 'Any additional notes.', 'isFile': False, 'isNotes': True, 'isPassword': False}], 'launcherConnectAsSecretId': -1, 'checkOutMinutesRemaining': 30, 'checkedOut': True, 'checkOutUserDisplayName': 'XSOAR integration', 'checkOutUserId': 3, 'isRestricted': True, 'isOutOfSync': False, 'outOfSyncReason': '', 'autoChangeEnabled': False, 'autoChangeNextPassword': '2$C$7vl8*SN@', 'requiresApprovalForAccess': False, 'requiresComment': False, 'checkOutEnabled': True, 'checkOutIntervalMinutes': -1, 'checkOutChangePasswordEnabled': False, 'accessRequestWorkflowMapId': -1, 'proxyEnabled': False, 'sessionRecordingEnabled': False, 'restrictSshCommands': False, 'allowOwnersUnrestrictedSshCommands': False, 'isDoubleLock': False, 'doubleLockId': -1, 'enableInheritPermissions': True, 'passwordTypeWebScriptId': -1, 'siteId': 1, 'enableInheritSecretPolicy': True, 'secretPolicyId': -1, 'lastHeartBeatStatus': 'Pending', 'lastHeartBeatCheck': '0001-01-01T00:00:00', 'failedPasswordChangeAttempts': 0, 'lastPasswordChangeAttempt': '0001-01-01T00:00:00', 'secretTemplateName': 'Windows Account', 'responseCodes': []}

thycotic-secret-search#


Search secret ID by multiply params

Base Command#

thycotic-secret-search

Input#

Argument NameDescriptionRequired
filter.allowDoubleLocksWhether to allow DoubleLocks as part of the search. True by defaultOptional
filter.doNotCalculateTotalWhether to return the total number of secrets matching the filters. False by defaultOptional
filter.doubleLockIdOnly include Secrets with this DoubleLock ID assigned in the search resultsOptional
filter.extendedFieldsNames of Secret Template fields to return. Only exposed fields can be returned.Optional
filter.extendedTypeIdReturn only secrets matching a certain extended typeOptional
filter.folderIdReturn only secrets within a certain folderOptional
filter.heartbeatStatusReturn only secrets with a certain heartbeat statusOptional
filter.includeActiveWhether to include active secrets in results (when excluded equals true)Optional
filter.includeInactiveWhether to include inactive secrets in resultsOptional
filter.includeRestrictedWhether to include restricted secrets in resultsOptional
filter.isExactMatchWhether to do an exact match of the search text or a partial matchOptional
filter.onlyRPCEnabledWhether to only include secrets whose template has Remote Password Changing enabledOptional
filter.onlySharedWithMeWhen true only Secrets where you are not the owner and the Secret was shared explicitly with your user id will be returned.Optional
filter.passwordTypeIdsReturn only secrets matching certain password typesOptional
filter.permissionRequiredSpecify whether to filter by List, View, Edit, or Owner permission. Default is List. (List = 1, View = 2, Edit = 3, Owner = 4Optional
filter.scopeSpecify whether to search AllSecrets, Recent, or Favorites (All = 1, Recent = 2,Favorites = 3Optional
filter.searchFieldField to searchOptional
filter.searchFieldSlugField-slug to search. This will override SearchField.Optional
filter.searchTextSearch textOptional
filter.secretTemplateIdReturn only secrets matching a certain templateOptional
filter.siteIdReturn only secrets within a certain siteOptional
skipNumber of records to skip before taking resultsOptional
sortBy[0].directionSort directionOptional
sortBy[0].nameSort field nameOptional
sortBy[0].priorityPriority index. Sorts with lower values are executed earlierOptional
takeMaximum number of records to include in resultsOptional
filter.includeSubFoldersWhether to include secrets in subfolders of the specified folderOptional

Context Output#

PathTypeDescription
Thycotic.Secret.SecretStringSearch secret object

Command Example#

!thycotic-secret-search filter.folderId=3 filter.includeSubFolders=true filter.searchField=name filter.searchText=xsoar

Context Example#

{
"Thycotic": {
"Secret": {
"Secret": [
5
]
}
}
}

Human Readable Output#

Search secret [5]

thycotic-folder-update#


Update a single secret folder by ID

Base Command#

thycotic-folder-update

Input#

Argument NameDescriptionRequired
folderNameFolder nameOptional
folderTypeIdFolder type IDOptional
idFolder ID. Must match ID in pathRequired
inheritPermissionsWhether the folder inherits permissions from its parentOptional
inheritSecretPolicyWhether the folder inherits the secret policyOptional
parentFolderIdID parent folderOptional
secretPolicyIdSecret Policy IDOptional

Context Output#

PathTypeDescription
Thycotic.Folder.UpdateStringRetrieved return operation update folder

Command Example#

!thycotic-folder-update id=4 folderName="SafexsoarTest"

Context Example#

{
"Thycotic": {
"Folder": {
"Update": {
"childFolders": null,
"folderName": "SafexsoarTest",
"folderPath": "\\Personal Folders\\XSOAR integration\\SafexsoarTest",
"folderTypeId": 1,
"id": 4,
"inheritPermissions": false,
"inheritSecretPolicy": false,
"parentFolderId": 3,
"secretPolicyId": -1,
"secretTemplates": null
}
}
}
}

Human Readable Output#

{'id': 4, 'folderName': 'SafexsoarTest', 'folderPath': '\Personal Folders\XSOAR integration\SafexsoarTest', 'parentFolderId': 3, 'folderTypeId': 1, 'secretPolicyId': -1, 'inheritSecretPolicy': False, 'inheritPermissions': False, 'childFolders': None, 'secretTemplates': None}

thycotic-secret-create#


Create new object Secret

Base Command#

thycotic-secret-create

Input#

Argument NameDescriptionRequired
autoChangeEnabledAutoChangeEnabled optionsOptional
checkOutChangePasswordEnabledCheckOutChangePasswordEnabled optionsOptional
checkOutEnabledWhether secret checkout is enabledOptional
checkOutIntervalMinutesCheckout interval, in minutes (integer)Optional
enableInheritPermissionsWhether the secret inherits permissions from the containing folderOptional
enableInheritSecretPolicyWhether the secret policy is inherited from the containing folderOptional
folderIdSecret folder ID. May be null unless secrets are required to be in folders.(integer)Optional
launcherConnectAsSecretIdLauncherConnectAsSecretId(integer)Optional
nameSecret nameRequired
passwordTypeWebScriptIdpasswordTypeWebScriptId options(integer)Optional
proxyEnabledproxyEnabled optionsOptional
requiresCommenrequiresCommen optionsOptional
secretPolicyIdsecretPolicyId options(integer)Optional
secretTemplateIdSecret Template ID (integer)Required
sessionRecordingEnabledsessionRecordingEnabled optionsOptional
siteIdsiteId options (integer)Required
sshKeyArgssshKeyArgs options(list args)Optional
domain_itemItem Domain for secret. If need to select template.Optional
machine_itemItem Machine for secret. If need to select template.Optional
username_itemItem Username for secret.If need to select template.Optional
password_itemItem Password for secret.If need to select template.Optional
notes_itemItem Notes for secret.IF need to select template.Optional

Context Output#

PathTypeDescription
Thycotic.Secret.CreateStringSecret Model

Command Example#

!thycotic-secret-create name="xsoarSecret" secretTemplateId="6003" siteId="1" checkOutEnabled=true folderId=3 machine_item="my-machine" username_item="my-username" password_item="XXXXXX@@@@@####"

Context Example#

{
"Thycotic": {
"Secret": {
"Create": {
"accessRequestWorkflowMapId": -1,
"active": true,
"allowOwnersUnrestrictedSshCommands": false,
"autoChangeEnabled": false,
"autoChangeNextPassword": null,
"checkOutChangePasswordEnabled": false,
"checkOutEnabled": true,
"checkOutIntervalMinutes": -1,
"checkOutMinutesRemaining": 0,
"checkOutUserDisplayName": "",
"checkOutUserId": 0,
"checkedOut": false,
"doubleLockId": 0,
"enableInheritPermissions": true,
"enableInheritSecretPolicy": false,
"failedPasswordChangeAttempts": 0,
"folderId": 3,
"id": 5,
"isDoubleLock": false,
"isOutOfSync": false,
"isRestricted": true,
"items": [
{
"fieldDescription": "The Server or Location of the Windows Machine.",
"fieldId": 83,
"fieldName": "Machine",
"fileAttachmentId": null,
"filename": null,
"isFile": false,
"isNotes": false,
"isPassword": false,
"itemId": 19,
"itemValue": "my-machine",
"slug": "machine"
},
{
"fieldDescription": "The Username of the Windows User.",
"fieldId": 86,
"fieldName": "Username",
"fileAttachmentId": null,
"filename": null,
"isFile": false,
"isNotes": false,
"isPassword": false,
"itemId": 20,
"itemValue": "my-username",
"slug": "username"
},
{
"fieldDescription": "The password of the Windows User.",
"fieldId": 85,
"fieldName": "Password",
"fileAttachmentId": null,
"filename": null,
"isFile": false,
"isNotes": false,
"isPassword": true,
"itemId": 21,
"itemValue": "XXXXXX@@@@@####",
"slug": "password"
},
{
"fieldDescription": "Any additional notes.",
"fieldId": 84,
"fieldName": "Notes",
"fileAttachmentId": null,
"filename": null,
"isFile": false,
"isNotes": true,
"isPassword": false,
"itemId": 22,
"itemValue": "",
"slug": "notes"
}
],
"lastHeartBeatCheck": "0001-01-01T00:00:00",
"lastHeartBeatStatus": "Pending",
"lastPasswordChangeAttempt": "0001-01-01T00:00:00",
"launcherConnectAsSecretId": -1,
"name": "xsoarSecret",
"outOfSyncReason": "",
"passwordTypeWebScriptId": -1,
"proxyEnabled": false,
"requiresApprovalForAccess": false,
"requiresComment": false,
"responseCodes": [],
"restrictSshCommands": false,
"secretPolicyId": -1,
"secretTemplateId": 6003,
"secretTemplateName": "Windows Account",
"sessionRecordingEnabled": false,
"siteId": 1
}
}
}
}

Human Readable Output#

Create new secret with xsoarSecret, object - {'id': 5, 'name': 'xsoarSecret', 'secretTemplateId': 6003, 'folderId': 3, 'active': True, 'items': [{'itemId': 19, 'fileAttachmentId': None, 'filename': None, 'itemValue': 'my-machine', 'fieldId': 83, 'fieldName': 'Machine', 'slug': 'machine', 'fieldDescription': 'The Server or Location of the Windows Machine.', 'isFile': False, 'isNotes': False, 'isPassword': False}, {'itemId': 20, 'fileAttachmentId': None, 'filename': None, 'itemValue': 'my-username', 'fieldId': 86, 'fieldName': 'Username', 'slug': 'username', 'fieldDescription': 'The Username of the Windows User.', 'isFile': False, 'isNotes': False, 'isPassword': False}, {'itemId': 21, 'fileAttachmentId': None, 'filename': None, 'itemValue': 'XXXXXX@@@@@####', 'fieldId': 85, 'fieldName': 'Password', 'slug': 'password', 'fieldDescription': 'The password of the Windows User.', 'isFile': False, 'isNotes': False, 'isPassword': True}, {'itemId': 22, 'fileAttachmentId': None, 'filename': None, 'itemValue': '', 'fieldId': 84, 'fieldName': 'Notes', 'slug': 'notes', 'fieldDescription': 'Any additional notes.', 'isFile': False, 'isNotes': True, 'isPassword': False}], 'launcherConnectAsSecretId': -1, 'checkOutMinutesRemaining': 0, 'checkedOut': False, 'checkOutUserDisplayName': '', 'checkOutUserId': 0, 'isRestricted': True, 'isOutOfSync': False, 'outOfSyncReason': '', 'autoChangeEnabled': False, 'autoChangeNextPassword': None, 'requiresApprovalForAccess': False, 'requiresComment': False, 'checkOutEnabled': True, 'checkOutIntervalMinutes': -1, 'checkOutChangePasswordEnabled': False, 'accessRequestWorkflowMapId': -1, 'proxyEnabled': False, 'sessionRecordingEnabled': False, 'restrictSshCommands': False, 'allowOwnersUnrestrictedSshCommands': False, 'isDoubleLock': False, 'doubleLockId': 0, 'enableInheritPermissions': True, 'passwordTypeWebScriptId': -1, 'siteId': 1, 'enableInheritSecretPolicy': False, 'secretPolicyId': -1, 'lastHeartBeatStatus': 'Pending', 'lastHeartBeatCheck': '0001-01-01T00:00:00', 'failedPasswordChangeAttempts': 0, 'lastPasswordChangeAttempt': '0001-01-01T00:00:00', 'secretTemplateName': 'Windows Account', 'responseCodes': []}

thycotic-secret-delete#


Delete secret

Base Command#

thycotic-secret-delete

Input#

Argument NameDescriptionRequired
idID secret for deleteRequired

Context Output#

PathTypeDescription
Thycotic.Secret.DeleteStringInformation about an object that was deleted

Command Example#

!thycotic-secret-delete id=2

Context Example#

{
"Thycotic": {
"Secret": {
"Deleted": {
"id": 2,
"objectType": "Secret",
"responseCodes": []
}
}
}
}

Human Readable Output#

Deleted secret ID:2

thycotic-user-create#


Create a new user

Base Command#

thycotic-user-create

Input#

Argument NameDescriptionRequired
displayNameUser display nameRequired
passwordPassword for new userRequired
userNameUsernameRequired
adGuidActive Directory unique identifierOptional
domainIdActive Directory domain IDOptional
duoTwoFactorWhether Duo two-factor authentication is enabledOptional
emailAddressUser email addressOptional
enabledWhether the user account is enabledOptional
fido2TwoFactorWhether Duo two-factor authentication is enabledOptional
isApplicationAccountIsApplicationAccountOptional
oathTwoFactorWhether OATH two-factor authentication is enabledOptional
radiusTwoFactorWhether RADIUS two-factor authentication is enabledOptional
radiusUserNameRADIUS usernameOptional
twoFactorWhether two-factor authentication is enabledOptional

Context Output#

PathTypeDescription
Thycotic.User.CreateStringUser Model

Command Example#

Human Readable Output#

thycotic-user-search#


Search, filter, sort, and page users

Base Command#

thycotic-user-search

Input#

Argument NameDescriptionRequired
filter.domainIdFilter users by Active Directory domain (integer)Optional
filter.includeInactiveWhether to include inactive users in the resultsOptional
filter.searchFieldsFields to searchOptional
filter.searchTextSearch textOptional
skipNumber of records to skip before taking resultsOptional
sortBy[0].directionSort directionOptional
sortBy[0].nameSort field nameOptional
sortBy[0].priorityPriority index. Sorts with lower values are executed earlier (integer)Optional
takeMaximum number of records to include in results(integer)Optional

Context Output#

PathTypeDescription
Thycotic.User.SearchStringSpecify paging and sorting options for querying records and returning results

Command Example#

!thycotic-user-search filter.searchFields="userName" filter.searchText="xsoarUser"

Context Example#

{
"Thycotic": {
"User": {
"Search": null
}
}
}

Human Readable Output#

[]

thycotic-user-update#


Update a single user by ID

Base Command#

thycotic-user-update

Input#

Argument NameDescriptionRequired
idUser IDRequired
dateOptionIdDateOptionId(integer)Optional
displayNameDisplay nameOptional
duoTwoFactorWhether Duo two-factor authentication is enabledOptional
emailAddressE-mailOptional
enabledWhether the user account is enabledOptional
fido2TwoFactorWhether FIDO2 two-factor authentication is enabledOptional
groupOwnersGroupOwners(integer)Optional
isApplicationAccountIsApplicationAccountOptional
isGroupOwnerUpdateisGroupOwnerUpdateOptional
isLockedOutWhether the user is locked outOptional
loginFailuresNumber of login failuresOptional
oathTwoFactorWhether OATH two-factor authentication is enabledOptional
passwordPasswordOptional
radiusTwoFactorWhether RADIUS two-factor authentication is enabledOptional
radiusUserNameRADIUS usernameOptional
timeOptionIdtimeOptionId (integer)Optional
twoFactorWhether two-factor authentication is enabledOptional

Context Output#

PathTypeDescription
Thycotic.User.UpdateStringUser Model

Command Example#

Human Readable Output#

thycotic-user-delete#


Delete a user by ID

Base Command#

thycotic-user-delete

Input#

Argument NameDescriptionRequired
idUser IDRequired

Context Output#

PathTypeDescription
Thycotic.User.DeleteStringInformation about an object that was deleted

Command Example#

Human Readable Output#

thycotic-secret-rpc-changepassword#


Change a secret's password

Base Command#

thycotic-secret-rpc-changepassword

Input#

Argument NameDescriptionRequired
secret_idSecret IDRequired
newPasswordNew secret passwordRequired

Context Output#

PathTypeDescription
Thycotic.Secret.ChangePasswordStringSecret summary object

Command Example#

!thycotic-secret-rpc-changepassword secret_id=4 newPassword="Test000"

Context Example#

{
"Thycotic": {
"Secret": {
"ChangePassword": {
"active": true,
"autoChangeEnabled": false,
"checkOutEnabled": false,
"checkedOut": false,
"createDate": "2020-11-02T18:06:07.357",
"daysUntilExpiration": null,
"doubleLockEnabled": false,
"extendedFields": null,
"folderId": -1,
"hidePassword": false,
"id": 4,
"inheritsPermissions": false,
"isOutOfSync": false,
"isRestricted": false,
"lastAccessed": null,
"lastHeartBeatStatus": "Success",
"lastPasswordChangeAttempt": "0001-01-01T00:00:00",
"name": "g1-machine",
"outOfSyncReason": "",
"requiresApproval": false,
"requiresComment": false,
"responseCodes": null,
"secretTemplateId": 6007,
"secretTemplateName": "Unix Account (SSH)",
"siteId": 1
}
}
}
}

Human Readable Output#

{'id': 4, 'name': 'g1-machine', 'secretTemplateId': 6007, 'secretTemplateName': 'Unix Account (SSH)', 'folderId': -1, 'siteId': 1, 'active': True, 'checkedOut': False, 'isRestricted': False, 'isOutOfSync': False, 'outOfSyncReason': '', 'lastHeartBeatStatus': 'Success', 'lastPasswordChangeAttempt': '0001-01-01T00:00:00', 'responseCodes': None, 'lastAccessed': None, 'extendedFields': None, 'checkOutEnabled': False, 'autoChangeEnabled': False, 'doubleLockEnabled': False, 'requiresApproval': False, 'requiresComment': False, 'inheritsPermissions': False, 'hidePassword': False, 'createDate': '2020-11-02T18:06:07.357', 'daysUntilExpiration': None}