topic CyberArk + Dynatrace External Vault Issue: Same Credential Returned for Different Account Names in Automations https://community.dynatrace.com/t5/Automations/CyberArk-Dynatrace-External-Vault-Issue-Same-Credential-Returned/m-p/294911#M2507 <P>Hello everyone,</P><P>I’m currently working on CyberArk External Vault integration in Dynatrace using the allowed machines (host-based) method and ran into confusing behavior.</P><P>Setup summary:</P><UL><LI><P>Using Application ID, Safe Name, and Account Name from CyberArk.</P></LI><LI><P>The default URL with the folder path was returning 404, so we removed the folder segment and passed the account name in the object parameter instead.</P></LI><LI><P>After this change, API calls return 200 and password rotation works. Dynatrace updates successfully when the authentication account password changes.</P></LI></UL><P>The challenge:<BR />When I try to use another account stored in the same CyberArk safe (same Application ID and Safe Name but different account), Dynatrace still shows the same username/password from the authentication account rather than the new CyberArk credential. It looks like Dynatrace keeps pulling the authentication identity instead of the requested account.</P><P>Has anyone faced similar behavior while configuring CyberArk external vault integration?<BR />Is this expected when using the same AppID/Safe, or is there an additional mapping or parameter required so Dynatrace retrieves the actual target account?</P><P>Any real-world experience or guidance would help.</P> Wed, 18 Feb 2026 11:22:21 GMT kpurimitla 2026-02-18T11:22:21Z CyberArk + Dynatrace External Vault Issue: Same Credential Returned for Different Account Names https://community.dynatrace.com/t5/Automations/CyberArk-Dynatrace-External-Vault-Issue-Same-Credential-Returned/m-p/294911#M2507 <P>Hello everyone,</P><P>I’m currently working on CyberArk External Vault integration in Dynatrace using the allowed machines (host-based) method and ran into confusing behavior.</P><P>Setup summary:</P><UL><LI><P>Using Application ID, Safe Name, and Account Name from CyberArk.</P></LI><LI><P>The default URL with the folder path was returning 404, so we removed the folder segment and passed the account name in the object parameter instead.</P></LI><LI><P>After this change, API calls return 200 and password rotation works. Dynatrace updates successfully when the authentication account password changes.</P></LI></UL><P>The challenge:<BR />When I try to use another account stored in the same CyberArk safe (same Application ID and Safe Name but different account), Dynatrace still shows the same username/password from the authentication account rather than the new CyberArk credential. It looks like Dynatrace keeps pulling the authentication identity instead of the requested account.</P><P>Has anyone faced similar behavior while configuring CyberArk external vault integration?<BR />Is this expected when using the same AppID/Safe, or is there an additional mapping or parameter required so Dynatrace retrieves the actual target account?</P><P>Any real-world experience or guidance would help.</P> Wed, 18 Feb 2026 11:22:21 GMT https://community.dynatrace.com/t5/Automations/CyberArk-Dynatrace-External-Vault-Issue-Same-Credential-Returned/m-p/294911#M2507 kpurimitla 2026-02-18T11:22:21Z