CyberArk credential storage can not authenticate when the CyberArk credential identifier is <Blank> - Support and Troubleshooting

CyberArk credential storage can not authenticate when the CyberArk credential identifier is Issue CyberArk credential identifier configuration with option credential ID = 'blank', fails with error:

'ABC' Provider 'XYZ' has failed to fetch password with query [safe= ;folder= ;address= ;policyid= ] for application [ServiceNow_MID_Server]. Fetch reason: [[AppID: ServiceNow_MID_Server] ]. Failure reason: ['ABC' Password object matching query [safe=^ ;folder= ;address= ;policyid= ] was not found (Diagnostic Info: 5). Please check that there is a password object that answers your query in the Vault and that both the Provider and the application user have the appropriate permissions needed in order to use the password.]

Cause Credential lookup initially attempts to match the specified credential ID to an existing value in the CyberArk vault Name field. If a match is found, that credential is returned. If no match is found, the credential lookup attempts to find a match using the IP address. If the IP address lookup matches more than one credential, such as Windows and Tomcat on the same server, the lookup fails.

Resolution Set the ext.cred.type_specifier parameter in the MID Server config.xml file to true to force CyberArk to return credentials. And restart the MID Server to take effect the changes. Related Links Configure the CyberArk credential identifier CyberArk credential storage integration