MID Server Azure Key Vault integrationSummary<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: var(--now-color--text-primary, #000000); } span { font-size: 12pt; font-family: Lato; color: var(--now-color--text-primary, #000000); } h2 { font-size: 24pt; font-family: Lato; color: var(--now-color--text-primary, black); } h3 { font-size: 18pt; font-family: Lato; color: var(--now-color--text-primary, black); } h4 { font-size: 14pt; font-family: Lato; color: var(--now-color--text-primary, black); } a { font-size: 12pt; font-family: Lato; color: var(--now-color--link-primary, #00718F); } a:hover { font-size: 12pt; color: var(--now-color--link-primary, #024F69); } a:target { font-size: 12pt; color: var(--now-color--link-primary, #032D42); } a:visited { font-size: 12pt; color: var(--now-color--link-primary, #00718f); } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Azure Key Vault Setup for a MID Server within the Azure environment STEP 1:On the Azure portal, navigate to your Virtual machine > Security > Identity > Enable managed identity Once it is enabled, click on 'Azure role assignments' > Add role assignment (Preview) Scope = Key VaultSubscription = <SELECT YOUR SUBSCRIPTION>Resource = <SELECT YOUR KEY VAULT>Role = Key Vault Secrets User Click on Save STEP 2:On the Azure portal, navigate to your Key vault > Objects > Secrets > +Generate/Import Upload options = ManualName = <INSERT YOUR DESIRED NAME>Secret value = <INSERT THE CREDENTIAL IN JSON FORMAT> NOTE: Credentials should be stored in JSON format in the Secret value in order for the MID Server to be able to parse correctly. For example, SSH and Windows credentials can be stored as JSON string as shown below:{"type":"ssh","user_name":"<username_value>","password":"<password_value>"} Windows credentials can be stored as JSON string as shown below:{ "type":"windows", "user_name":"<username_value>", "password":"<password_value>", "domain":"<domain_value>" //If it is null or empty, user name will become `.\user`} Other credential formats can be found in the product documentation: MID Server Azure Key Vault Integration Click on Save STEP 3:On the ServiceNow instance, navigate to All > Discovery > Credentials > New > <SELECT YOUR CREDENTIAL TYPE>Change the view to "External_credential_storage" Enable "External credential store"Credential storage vault = Azure KeyVaultName = <YOUR DESIRED NAME>Credential ID = <NAME OF THE SECRET CREATED IN STEP 2 ABOVE>:<NAME OF THE AZURE KEY VAULT> [e.g. akv-windows-discovery:emprkyKeyVault]Click on Submit STEP 4:Test your credential using the same Azure hosted MID Server on the target device's IP.The test should be successful with "Credential Validated" message. Post validation, you should be able to successfully use this credential for Discovery.If 'Test credential' option is not available, you need to run the actual Discovery job to validate.