- 23 Apr 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
Thycotic Integration
- Updated on 23 Apr 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
The Thycotic integration enables Axonius to securely pull privileged credentials from the Thycotic Secret Server. The integration ensures that privileged credentials are secured in the Thycotic Secret Server, rotated to meet company guidelines, and meet complexity requirements.
This integration has only been tested and supported with version 10.7. Please contact Axonius Support if you have a different version and it is not functioning as expected.
Description of Product Integration
Axonius uses the Secret Server REST API 10.7 to fetch credentials from the Thycotic Secret Server, refer to Thycotic Documentation.
Axonius authenticates to Thycotic Secret Server using bearer token authentication.
The integration supports both an on-premise Thycotics Secret Server and a cloud instance of Thycotic Secret Server.
The credentials are only fetched by Axonius when:
- Creating a new adapter connection
- Updating an existing adapter connection
- Running an enforcement set
- Fetching asset information for adapters during discovery cycles
Axonius does not store the credentials anywhere and deletes any trace of credentials.
To enable fetching credentials from your Thycotic Secret Server, you need to:
- Install and configure Thycotic Secret Server version 10.7 or use the Cloud instance of Thycotic Secret Server.
- Enable and configure the External Password Managers - Enterprise Password Management Settings in Axonius.
- Configure adapter connection credential to fetch passwords from Thycotic Secret Server.
Enable Thycotic Integration
Enable Thycotic integration and allow to Axonius to securely pull privileged credentials from the Thycotic Secret Server.
Following the guidelines in Enterprise Password Management Settings.
Working with Thycotic
Once the Thycotic integration is enabled in Axonius, a new Thycotic Secret Server icon will appear in all password fields when configuring adapters or Enforcement sets, allowing you to enter a password manually or to fetch the secret from Thycotic Secret Server.
To fetch the password from Thycotic Secret Server:
- In a password field, click the Thycotic icon. If you have configured more than one password manager, click the vault icon
and select Thycotic Secret Server from the drop-down. A Thycotic Secret Server dialog opens.
- In the dialog, specify the following parameters:
- Secret ID (required) - The secret ID for the password. This secret ID represents a unique identified for the secret in Thycotic.
- Field Name (required, default: Password) - The field name for the password. This is case sensitive.
- Click Fetch.
- If the fetch is successful, a green indication will be displayed next to the Thycotic icon.
- If the fetch is unsuccessful, a red indication will be displayed next to the Thycotic icon. Hovering over the Thycotic Secret Server icon will show the error.
- If the fetch is successful, a green indication will be displayed next to the Thycotic icon.