Cloud integration using Delinea Secret Server and Automation 360 securely manages privileged credentials while automating workflows, and enhancing security and efficiency in Cloud environments.

Prerequisites

Before you start, make sure you have the following:

  • To set up Delinea Secret Server configuration, see Delinea Platform documentation. You will need the following information from Delinea:

    • To create the OAuth connection with Delinea Secret Server:
      • Token URL: This is the URL to get access tokens from Delinea Secret Server. For example, a Delinea platform token URL: https://<>.delinea.app/identity/api/oauth2/token/xpmplatform .
      • Scope: This is the scope needed by the Delinea issued tokens: clientId and clientSecret of the service account. For scope example, if the token is for a platform: xpmheadless.
    • The service account in Delinea should have at least View access to the secrets in Delinea.
    • The Delinea Secret Server URL.

  • Access to the Automation 360 Cloud Control Room with Admin privileges

  • User needs to have View and Manged Settings permissions set up for are required Automation 360.

Automation 360 configuration

This procedure helps you set up Automation 360 to work with Delinea Secret Server.
  • First, you set up the OAuth connection.
  • Then, you add the vault configuration.

Set up OAuth Connection

Complete the following steps from the Create OAuth connection procedure.

  1. To set up the OAuth connection, navigate to Manage > OAuth Connections .
  2. Click Create Connection.
  3. From the Connection settings screen, enter the following:
    • Provider Type: Select a provider type, for example Custom or Apigee.
    • Name: Enter a unique name, such as: Delinea-Test-Connection
    • Flow Type: Select the Client Credentials Flow grant type for the Delinea platform with the Delinea Secret Server and the Client authentication method: using both basic and post (see screen shot)
    • Client Id: User need to retrieve information comes from their Delinea configuration.
    • Client Secret: Information comes from Delinea
    • Token URL: OAuth 2.0 endpoint from Delinea (for example: https://<>.delinea.app/identity/api/oauth2/token/xpmplatform)
    • Scope: For example, if token is for a platform: xpmheadless
  4. Validate the configuration by testing the OAuth connection.
  5. Save the OAuth connection.

Once successful, configure the Delinea Secret Server vault configuration and select the created OAth connection.

Configure Delinea Secret Server vault

  1. Log in to the Automation 360 Control Room with View Settings > Manage Settings permission.
  2. From the Control Room, navigate to Administration > Settings > External key vault .
  3. In the Configuration Settings section, click Edit.
  4. Scroll to the bottom and select the Delinea secret server.
  5. Enter the Vault URL (for example: https://<yourvault>.secretservercloud.com).
  6. Select the OAuth connection name from drop-down list.
  7. The default HTTP header name is Authorization.
  8. (Optional) Enter the Server certificate - PEM format (optional) used to provide secure TLS communication.
  9. Click Save changes to save the vault configuration.

    Delinea secret server external key vault settings