Direct Mapping Credential Cycling Configuration

Use this section of the template for solution-neutral direct attribute mapping. Be sure to remove the CyberArk and BeyondTrust sections of the template.

In the Credential Source section, you configure your actual credential values, since you are not connecting to a third-party PAM source. It is a good practice to use encrypted passwords in this section.

The Credential Associations settings connect the values in the Credential Source section to your applications as shown in the template XML below.

Copy
<CredentialSource credentialClass="sailpoint.pam.credential.MapCredentialManager" name="mapCredManager">  
                <!-- The attributes in this map are the values that will be returned by the map credential manager.    
                     It's probably a good idea to encrypt these so they are not stored in plain text if the values  
                     are sensitive -->  
                <Attributes>  
                  <Map>  
                    <entry key="credentialValues">  
                      <value>  
                        <Map>  
                          <entry key="map_username_attribute" value="john_doe_username"/>  
                          <entry key="map_password_attribute" value="super_secret_password"/>  
                        </Map>  
                      </value>  
                    </entry>  
                  </Map>  
                </Attributes>  
                <!-- *** Application Configuration -->  
                <CredentialAssociation applicationName="application_name"   
                                       attributeName="application_username_attribute"   
                                       credentialAttributeName="map_username_attribute"/>  
                <CredentialAssociation applicationName="application_name"   
                                       attributeName="application_password_attribute"   
                                       credentialAttributeName="map_password_attribute"/>  
              </CredentialSource>