I’m a long-time user of Royal TS and greatly appreciate the flexibility of Dynamic Credentials and Dynamic Folders. However, for users working in high-security environments with systems like CyberArk, there is currently a limitation: the inability to inject ephemeral session parameters (such as AlternateShell, ComputerName, or transformed Username) dynamically at the moment of connecting.
This prevents seamless integration with session-based vault systems where credentials or session tokens are only valid for a few seconds. The current workarounds (external scripts or rtscli) are functional but degrade the user experience significantly.
A feature that enables runtime parameter injection via a Pre-Connect Script hook would solve this elegantly. The script would run right before the connection starts, providing updated values for critical fields like AlternateShell, ComputerName, and Username for that session only.
This functionality would be a significant enabler for secure, modern workflows and would align Royal TS with the operational needs of PAM-integrated environments.
I would be happy to collaborate on testing or providing additional use-case details if needed.
sbo
Hello Royal Apps Team,
I’m a long-time user of Royal TS and greatly appreciate the flexibility of Dynamic Credentials and Dynamic Folders. However, for users working in high-security environments with systems like CyberArk, there is currently a limitation: the inability to inject ephemeral session parameters (such as AlternateShell, ComputerName, or transformed Username) dynamically at the moment of connecting.
This prevents seamless integration with session-based vault systems where credentials or session tokens are only valid for a few seconds. The current workarounds (external scripts or rtscli) are functional but degrade the user experience significantly.
A feature that enables runtime parameter injection via a Pre-Connect Script hook would solve this elegantly. The script would run right before the connection starts, providing updated values for critical fields like AlternateShell, ComputerName, and Username for that session only.
This functionality would be a significant enabler for secure, modern workflows and would align Royal TS with the operational needs of PAM-integrated environments.
I would be happy to collaborate on testing or providing additional use-case details if needed.
Thank you for considering this feature!
Best regards,