aaearon
commented
3 years ago Looking at this further, the authentication for the CredentialRetriever is 'stateless' compared to psPAS and PASSession which is 'stateful.' I am not sure if it makes sense to try to shoehorn this all into a single SecretManagement extension. Maybe it makes sense to separate this into something like SecretManagement.CyberArk.CredentialProvider (maybe it would also make sense to seperate into SecretManagement.CyberArk.CredentialProvider and SecretManagement.CyberArk.CentralCredentialProvider.)
Suggested in https://github.com/aaearon/SecretManagement.CyberArk/issues/1#issuecomment-799873920
Right now the user has to use psPAS and a PASSession in order to authenticate to the CyberArk Vault. The extension should be flexible enough to allow authentication via CredentialRetriever.