Integrating Secret Server with MID Server Credential Resolver

Integrating the Secret Server with the MID Server Credential Resolver allows for secure credential storage and enables the MID Server in your ServiceNow instance to dynamically retrieve these credentials during automation tasks.

Secret Server Implementation Modes

Secret Server offers the following two implementation modes.

  • Just-In-Time mode

In this mode, the MID Server agent configuration file is modified to include the Secret Server API account’s credential in encrypted format. The MID Server agent handles authenticating to the REST API and requesting the needed OAuth2 token to retrieve secrets.

You must provide credentials (for example, username and password) in encrypted format within the configuration file. If this method is used, ensure that access to the MID Server agent’s folder is restricted.

  • Grant File Mode

In this mode, the MID Server agent configuration file is modified to include the path to an oauth2_grant.json file. This file contains the access token the agent will use to authenticate API calls. It requires an external source to write the OAuth2 token to the file.

The external source must run on a regular schedule based on the Web Services configuration of your Secret Server instance. The Windows Task Scheduler is the recommended mechanism.
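One way the external source for Grant File Mode could look, as an added PowerShell example that is not part of the original documentation or any vendor-supplied script. The base URL, file paths and service account name are placeholders, and it assumes the grant file holds the JSON returned by Secret Server's /oauth2/token endpoint for a password grant.

```powershell
# Added example: refresh oauth2_grant.json from a scheduled task.
# Every value in this block is an assumed placeholder, not taken from the documentation.
$SecretServerUrl = 'https://secretserver.example.com/SecretServer'  # assumed base URL
$GrantFile       = 'C:\MID\agent\oauth2_grant.json'                 # path referenced in the agent config
$CredFile        = 'C:\MID\refresh\api-account.xml'                 # created once: Get-Credential | Export-Clixml
$MidServiceAcct  = 'EXAMPLE\svc-midserver'                          # account the MID Server service runs as

$ErrorActionPreference = 'Stop'

# Export-Clixml protects the password with DPAPI, so only the same Windows
# user on the same machine (the scheduled task account) can decrypt it.
$cred = Import-Clixml -Path $CredFile

# Request a token for the API account (OAuth2 password grant).
$body = @{
    grant_type = 'password'
    username   = $cred.UserName
    password   = $cred.GetNetworkCredential().Password
}
$token = Invoke-RestMethod -Method Post -Uri "$SecretServerUrl/oauth2/token" -Body $body
if (-not $token.access_token) { throw 'Token response did not contain access_token.' }

# Write to a temporary file first so the agent never reads a half-written grant.
$tmp = "$GrantFile.tmp"
$token | ConvertTo-Json -Depth 4 | Set-Content -Path $tmp -Encoding ASCII

# Lock the file down before it is moved into place: drop inherited ACEs,
# allow read for the MID Server service and full control for this task account.
$acl = Get-Acl -Path $tmp
$acl.SetAccessRuleProtection($true, $false)
$me = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
$acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule($MidServiceAcct, 'Read', 'Allow')))
$acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule($me, 'FullControl', 'Allow')))
Set-Acl -Path $tmp -AclObject $acl

# A move on the same volume keeps the restricted ACL applied above.
Move-Item -Path $tmp -Destination $GrantFile -Force
```

Schedule the task at an interval shorter than the token lifetime set in the Web Services configuration, so the agent always finds a valid token in the file.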

For more information about this integration, see the following topics: